不支持的赠款类型Salesforce OAUTH2 [英] Unsupported Grant Type Salesforce OAUTH2

问题描述

我正在使用VBA在Salesforce中获得授权，然后最终希望运行Salesforce报表并将结果转储到Excel中.我已经编写了以下文件来处理授权，但是却收到unsupported_grant_type错误.到目前为止，我拥有的代码:

I am using VBA to get authorization in Salesforce and then ultimately want to run a Salesforce report and dump the results in Excel. I have written the following to handle the authorization, but I am getting an unsupported_grant_type error. The code I have so far:

Dim XMLHTTP As New MSXML2.XMLHTTP60
Dim username As String
Dim password As String
Dim PasswordnUsername As String
Dim argumentString As String

username = "myUsername"
password = "myPassword"

PasswordnUsername = password & ":" & username

argumentString = "?grant_type=password&" & _ 
                "client_id=abc123&" & _
                "client_secret=123abc&" & _
                "username=" & username & "&password=" & password
MsgBox (argumentString)

Set XMLHTTP = CreateObject("MSXML2.XMLHTTP.6.0")
XMLHTTP.Open "POST", "https://mysalesforce.com/services/oauth2/token", False

XMLHTTP.setRequestHeader "content-type", "application/x-www-form-urlencoded"
XMLHTTP.setRequestHeader "Authorization", "basic " + Base64Encode(PasswordnUsername)

XMLHTTP.send (argumentString)

MsgBox (XMLHTTP.responseText)

当我打印XMLHTTP.responseText时，这是报告unsupported_grant_type的地方.

When I print XMLHTTP.responseText, this is where the unsupported_grant_type is reported.

任何帮助将不胜感激.预先感谢.

Any help would be appreciated. Thanks in advance.

T

推荐答案

您正在使用用户名密码流" . URL中的所有参数，而不显示弹出窗口，让用户直接向SF输入其凭据(理想情况下，如果存在用户交互而不是后端系统互相交谈，则应使用

You're using "Username-password flow". All params in the URL, without displaying a popup letting user type his credentials straight to SF (ideally if there's user interaction rather than backend systems talking to each other you're supposed to use another OAuth flow so your app doesn't handle passwords, can't leak them).

故障排除:

1. 确保您的请求中的username已编码.至少要放%40而不是@.如果您的尝试甚至没有出现在用户的登录历史记录中-用户名错误/编码错误.
2. 您可能还需要将安全令牌也静默地附加到密码上(再次查看用户的登录历史，也许有失败:需要API安全令牌").
3. 如果使用设置->我的域功能，请检查是否允许从通用login.salesforce.com登录.也许您的组织禁用了它，仅允许品牌登录域(也将影响API访问).也许您的管理员只允许从某些IP登录...
4. 您也无需添加Authorization: Basic +用户名&传递此调用，将其传递到POST的有效负载中就足够了.

1. Make sure username in your request is encoded. At very least put %40 instead of @. If your attempt doesn't even show up in user's login history - wrong / incorrectly encoded username.
2. You might need the security token also silently appended to the password (again, look into user's login history, maybe there's "Failed: API security token required").
3. If you use Setup -> My Domain feature, check whether you're allowed to log in from generic login.salesforce.com. Maybe your organisation disabled it and allows only the branded login domain (will impact API access too). Or maybe your admins allow logging in only from certain IPs...
4. Also you don't need to add Authorization: Basic + username & pass in this call, you pass it in POST's payload and that's enough.

如果您有邮递员，curl，SoapUI或类似的客户端-在直接跳到VBA之前可能会有所帮助?

If you have Postman, curl, SoapUI or any client like that - might help before jumping straight to VBA?

这对我有用(带有Content-Type: application/x-www-form-urlencoded标头)

This works for me (with Content-Type: application/x-www-form-urlencoded header)

这篇关于不支持的赠款类型Salesforce OAUTH2的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！