Salesforce Credentials - "Bug" with code challenge

Describe the problem/error/question

While creating Salesforce OAuth2 credentials - the pop up screen states an error.

image945×235 7.67 KB

What is the error message (if any)?

Error: Insufficient parameters for OAuth2 callback.
More details
Received following query parameters: {"error":"invalid_request","error_description":"missing required code challenge"}
Failed to connect. The window can be closed now.

Please share your workflow

Not necessary - since it is about credentials.

Solution

It looks like Salesforce switched to an additional parameter.

Not working Call

https://test.salesforce.com/services/oauth2/authorize?
client_id=[clientID]&
redirect_uri=https://test.salesforce.com/services/oauth2/success&
response_type=code

Working Call

https://test.salesforce.com/services/oauth2/authorize?
client_id=[clientID]&
redirect_uri=https://test.salesforce.com/services/oauth2/success&
response_type=code&code_challenge=[base64url encoded clientSecret]

Information on your n8n setup

• **n8n version: 1.11.1
• **Database (default: SQLite):SQLite
• **n8n EXECUTIONS_PROCESS setting (default: own, main): default
• **Running n8n via (Docker, npm, n8n cloud, desktop app): docker
• **Operating system: linux

Investigating the PKCE option for the connected app in Salesforce. Maybe its default was “off” and it is now “on” by default. In any case - I think its best practice to use it.

Yep - I can confirm the theory. The PKCE is turned on - you can turn it off and the “default process” is working again.

image717×423 12.1 KB

Hey @Manuel,

That is a good spot, I have created NODE-873 as our internal ticket to add PKCE to the credential. For now as a temporary solution I might add this to our documentation until we have updated the credential and made sure it doesn’t break anything.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.