Print this page

Removing prefix from access token will not result in an error but Removing last characters from access token will result in Invalid_Session ID Error

Knowledge Article Number 000233275
Description If you are trying to modify the Access token, you would be able to login by removing some characters of access token from prefix(characters of organization id).
Login will fail with error: 'Invalid_Session ID'  when you try to remove some characters from the end part.

Example:
00D2XXXXXXXXXX!AQIAQAj7n9VZvR.KUl4sw89Y7jNGfeVDofGv6fAlVJ1oyK3vtolLilQ0hiPY58rABkaXXXXXXXXXXXXXXXXXXXXTKp6xP
If we remove characters from prefix "00D" from access token, the call is still successful.
If we remove characters from  suffix "TKp6xP" the call fails.
Resolution Access token contains 2 types of information:
1. The information present before exclamation point which is a routing hint. It can be removed and we can successfully login without that information.
2. The information after the exclamation point in Access token is the actual token and we have to use that information as is with out modifying anything in it.





promote demote