Loading

Prevent Lightning Sync Oauth 2.0 authentication errors

Дата публикации: Oct 13, 2022
Описание

Symptoms

  • Occasionally when configuring Lightning Sync to authenticate using Oauth 2.0 for Exchange existing cookies can cause problems.
  • You could see a 400 error or similar after selecting the "Accept" prompt when logged into Office 365.
  • If you check the browser address bar when the error occurs you may see a URL similar to 'https://mydomainname.my.salesforce.com/services/activedirectory/oauth_admin_consent_callback.'  
  • This may be because your browser is having problems passing the needed authentication call across domains.

Notes: 

  • When attempting to authenticate Lightning Sync via the Oauth method, if the Single Sign-on flow is using https://domain.my.salesforce.com/?login, the Oauth redirect will fail.
  • This failure occurs after authorizing Salesforce access to Exchange or Office 365.
  • A 400 bad request Http error will be presented to the User upon this failure.
  • Single Sign-on flow must use the following URL for Lightning Sync Oauth to complete successfully: https://domain.my.salesforce.com/


 

Решение


Best practices for cookie and security issues

 

1. Logout out of all Salesforce organizations and Office 365 before attempting authentication.
2. Clear all cookies in the browser or set the browser to 'Private Browsing,' 'Incognito mode,' or any setting that doesn't check existing cookies. Then try to authenticate again.
3. Adjust browser trusted sites or exception settings to contain 'login.salesforce.com.'
4. If above steps do not help, then try lowering security settings in your browser temporarily before authentication. You can then return your security settings to their defaults after the Oauth 2.0 authentication has completed.

Номер статьи базы знаний

000383056

 
Загрузка
Salesforce Help | Article