Salesforce Authentication Failing

Question

I am trying to use OAuth authentication to get the Salesforce Authentication Token, so I referred wiki docs, but after getting an authorization code, when I make a Post request with 5 required parameters, I'm getting the following exception

{"error":"invalid_grant","error_description":"authentication failure"} CODE 400

JSON = {"error":"invalid_grant","error_description":"authentication failure"}

which is I guess a bad request.

PostMethod post = new PostMethod("https://login.salesforce.com/services/oauth2/token");

post.addParameter("code",##############);

post.addParameter("grant_type","authorization_code");

post.addParameter("redirect_uri","#################");  

post.addParameter("client_id",this.client_id);

post.addParameter("client_secret",this.client_secret);

httpclient.executeMethod(post);

String responseBody = post.getResponseBodyAsString();

System.out.println(responseBody+" CODE "+post.getStatusCode());

Kindly reply, if exception is known?

Answer 1

Hey, even I had the same issue. 

Check your Connected App settings which are under Selected OAuth Scopes, you may require to change the selected permissions. My app originally uses Chatter, so I had to add both of these:

• Access and manage your Chatter feed (chatter_api)
• Perform requests on your behalf at any time (refresh_token).

Again, your mileage may differ but try various combinations of permissions based on what your Application does/needs.

Additionally, the actual invalid_grant the error seems to occur due to IP restrictions. Assure that the server's IP address that is operating the OAuth authentication code is allowed. I figured out that if the SFDC environment has IP restriction setting Enforce IP restrictions set (Setup -> Administer -> Manage Apps -> Connected Apps), then each User Profile needs to have an allowed IP addresses as well.