Reputation: 479
Can you force a refresh token to expire in Salesforce?
I have an application that uses Salesforce services using a Remote Access Application. This is working fine so far.
However, my understanding is that even a refresh token will eventually expire, and I believe will return the following as part of a 404 (?):
"error_description":"expired access/refresh token"
My question is this: What is the best practice to test this scenario? I obviously know that the normal refresh token flow is working fine, but how do I appropriately test the negative result?
Upvotes: 3
Views: 3335
Answers (2)
Reputation: 1743
Go To the Setup and search for the apps ->Go to the connected apps under the managed apps ->select your app, there you can see the edit policies ->click on edit policies -> check for the refresh token policies under OAuth policies
Upvotes: 0
Reputation: 19040
You can login to the web interface and goto setup -> my personal information. one of the related lists on this page is called remote access, here you can see what refresh tokens have been issues, and revoke any of them.
Upvotes: 3
Related Questions
- Lifetime of access and refresh tokens
- How to specify refresh tokens lifespan in Keycloak
- How can you force expire a salesforce access token?
- Salesforce Refresh Token OAuth
- How to update expiry time of refresh-token without generating new refresh token in spring security?
- Can I expire access token in OAuth2.0 in 30 mins?
- Does OAuth 2.0 refresh token expires at all?
- Implementing OAuth Refresh Tokens that never expire
- Oauth 2.0 refresh token expiration
- how to refresh or revoke OAuth2.0 access/refresh_token, when no refresh token available?