Can you force a refresh token to expire in Salesforce?

Question

I have an application that uses Salesforce services using a Remote Access Application. This is working fine so far.

However, my understanding is that even a refresh token will eventually expire, and I believe will return the following as part of a 404 (?):

"error_description":"expired access/refresh token"

My question is this: What is the best practice to test this scenario? I obviously know that the normal refresh token flow is working fine, but how do I appropriately test the negative result?

Answer 1

You can log in to the web interface and goto setup -> my personal information. one of the related lists on this page is called remote access, here you can see what refresh tokens have been issued, and revoke any of them.

To learn in-depth about Workflow in Salesforce, sign up for an industry based Salesforce administrator certification.