Loading

Prevent Lightning Sync Oauth 2.0 authentication errors

Veröffentlichungsdatum: May 28, 2026
Beschreibung

Note: Lightning Sync has been replaced by Einstein Activity Capture (EAC) Sync. If you are setting up a new sync configuration, refer to the Einstein Activity Capture documentation. This article applies to orgs still using the legacy Lightning Sync feature.

Symptoms

Occasionally, when configuring Lightning Sync to authenticate using OAuth 2.0 for Microsoft Exchange, existing browser cookies can cause problems. You may experience:

  • A 400 HTTP error or similar error after selecting the "Accept" prompt when logged into Office 365.
  • A browser address bar URL similar to: `<REDACTED>
  • These errors may occur because the browser is having problems passing the needed authentication call across domains.

Important Notes on Single Sign-On (SSO) URL Requirements

When authenticating Lightning Sync via the OAuth method, the Single Sign-On (SSO) flow URL matters:

  • Incorrect URL (will fail): ` — The OAuth redirect will fail after authorizing Salesforce access to Exchange or Office 365, and a 400 Bad Request HTTP error is presented.
  • Correct URL (required): ` — The SSO flow must use this URL for Lightning Sync OAuth authentication to complete successfully.
Lösung

The following best practices help resolve OAuth 2.0 authentication errors in Lightning Sync caused by existing browser cookies or security settings conflicting with the cross-domain authentication redirect.

Best Practices for Cookie and Security Issues

  1. Log out of all Salesforce organizations and Office 365 before attempting authentication.
  2. Clear all cookies in the browser, or use Private Browsing / Incognito mode to prevent existing cookies from interfering. Then attempt authentication again.
  3. Adjust browser trusted sites or exception settings to include login.salesforce.com.
  4. If the above steps do not resolve the issue, temporarily lower the browser's security settings before authenticating. Return the security settings to their defaults after OAuth 2.0 authentication has completed successfully.
Nummer des Knowledge-Artikels

000383056

 
Laden
Salesforce Help | Article