Issue with using OAuth token in REST API

I implemented the OAuth integration with my external app. Created a Remote Access(Connected App) configuration with a callback url (https://mysite.com/oauthcallback). Here I received the call back with a “code=xyz…”. I made a http post with the following params to https:/login.salesforce.com/services/oauth2/token

"code":code
"grant_type", "authorization_code"
"client_id", "XYZ..."
"client_secret", "123..."
"redirect_uri", "https:/mysite.com/oauthcallback"

for which I received the following response from sfdc

"issued_at": "1375365820732",
 "scope": "refresh_token",
 "access_token": "00Dabc..!ABC...",
 "refresh_token": "abc...",
 "signature": "XYZ..."

I use the refresh token and fetch the access token or for time being use the access_token I get here for the following REST API
https:/naxx.salesforce.com/services/data/v28.0/sobjects/Account/accountId
and set the header as
Authorization: Bearer

This returns me invalid session ID.
Also tried the following options
Authorization: OAuth
X_SFDC_Session:

The Remote access(Connected App) has the access for “Refresh_Token”, “API”, Full Access” 🙂
I end up with the same error. Can someone help me on this.

Answer

http://help.salesforce.com/apex/HTViewHelpDoc?id=connected_app_create.htm&language=en_US

reading this awesome article from sfdc its very clearly mentioned that ” full does not return a refresh token. You must explicitly request the refresh_token scope to get a refresh token“.

hence a refresh_token access is also needed .

Attribution
Source : Link , Question Author : Sundar , Answer Author : Mohith Shrivastava

Leave a Comment