OAuth 2.0 JWT Bearer Token Flow

I’m trying to perform the OAuth 2.0 JWT Bearer Token Flow: https://help.salesforce.com/HTViewHelpDoc?id=remoteaccess_oauth_jwt_flow.htm&language=en_US

But I’m having this issue:

{"error_description":"user hasn't approved this consumer","error":"invalid_grant"}

This is the code I’m using:

var request = require('request');
var jwt = require('jsonwebtoken');

var key = require('fs').readFileSync('./privateKey.key', 'utf8');

var options = {
    issuer: '3MVG9A2kN3Bn17hvVNDOE5GX8c_l4BSYiFZIf01ha45mFeHA7C.sZB1W6mg2jFTBVrgfCVUwfrqKrlsuQIoCa',
    audience: 'https://login.salesforce.com',
    expiresInMinutes: 3,
    algorithm:'RS256'
}

var token = jwt.sign({ prn: 'user@email.com'}, key, options)

var post = {
    uri: 'https://login.salesforce.com/services/oauth2/token',
    form: {
        'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
        'assertion':  token
    },
    method: 'post'
}

console.log(post);

request(post, function(err, res, body) {
    console.log(err);
    console.log(res.statusCode);
    console.log(body);
});

Answer

You need to authorize the application for once with the “authorize url”. You don’t have to make the redirect_uri work.

Authorize url:

https://login.salesforce.com/services/oauth2/authorize?client_id=[client_id]&redirect_uri=[redirect_url]&response_type=code

Attribution
Source : Link , Question Author : Leandro A. Boffi , Answer Author : hoozecn

Leave a Comment