I have callouts that use a
Named Credentialand a
Custom Oauth2 Auth Providerfail with this error response:
Invalid parameter value “[hidden]” for parameter “Decryption
A similar error is sometimes shown when I resave the Named Credential
Unable to Access Page The value of the “Decryption Exception”
parameter contains a character that is not allowed or the value
exceeds the maximum allowed length. Remove the character from the
parameter value or reduce the value length and resubmit. If the error
still persists, report it to our Customer Support team. Provide the
URL of the page you were requesting as well as any other related
When I simulate the Oauth Flow and Callout in Postman it always works. I’m quite sure this is a Platform bug.
The root cause was that the
Access Token returned by our own Keycloak AuthServer returned was too complex, lengthy. Salesforce is currently not able to handle it. This was assessed and confirmed by Salesforce.com. They just used https://jwt.io/ to decyper one of our acccess tokens an saw a lot of useless stuff in there.
By reducing access_token size (remove useless waste) we could fix the problem.
Besides that, the team at Salesforce responsible for Named Credentials will try to allow longer access tokens from Spring ’20 on. #SafeHarbor