Loading

Prevent Lightning Sync Oauth 2.0 authentication errors

Data pubblicazione: Oct 13, 2022
Descrizione

Symptoms

  • Occasionally when configuring Lightning Sync to authenticate using Oauth 2.0 for Exchange existing cookies can cause problems.
  • You could see a 400 error or similar after selecting the "Accept" prompt when logged into Office 365.
  • If you check the browser address bar when the error occurs you may see a URL similar to 'https://mydomainname.my.salesforce.com/services/activedirectory/oauth_admin_consent_callback.'  
  • This may be because your browser is having problems passing the needed authentication call across domains.

Notes: 

  • When attempting to authenticate Lightning Sync via the Oauth method, if the Single Sign-on flow is using https://domain.my.salesforce.com/?login, the Oauth redirect will fail.
  • This failure occurs after authorizing Salesforce access to Exchange or Office 365.
  • A 400 bad request Http error will be presented to the User upon this failure.
  • Single Sign-on flow must use the following URL for Lightning Sync Oauth to complete successfully: https://domain.my.salesforce.com/


 

Risoluzione


Best practices for cookie and security issues

 

1. Logout out of all Salesforce organizations and Office 365 before attempting authentication.
2. Clear all cookies in the browser or set the browser to 'Private Browsing,' 'Incognito mode,' or any setting that doesn't check existing cookies. Then try to authenticate again.
3. Adjust browser trusted sites or exception settings to contain 'login.salesforce.com.'
4. If above steps do not help, then try lowering security settings in your browser temporarily before authentication. You can then return your security settings to their defaults after the Oauth 2.0 authentication has completed.

Numero articolo Knowledge

000383056

 
Caricamento
Salesforce Help | Article