Salesforce Scope

Hey there, wanted a raise a query regarding salesforce authentication. While connecting salesforce account through Salesforce OAuth2Api, the scopes getting passed show up as ‘full+refresh token’ while in the documentation only refresh token and offline access is needed.

Below is the auth endpoint which is hit by n8n to authenticate the salesforce account.

“data”: “https://login.salesforce.com/services/oauth2/authorize?client_id=“clientId”&redirect_uri=“callback”&response_type=code&state=“state”&scope=full+refresh_token

And, kudos on making such an amazing tool :slight_smile:

Hey @Yash_Khatri,

Salesforce require the full scope if you want your application to have access to all the data accessible by the logged in user and it includes all other scopes. This scope does not include a refresh token so you need to include refresh_token as well. The offline_access scope whill allow the app to interact with the users data while the user is “offline” whatever that actually means :slight_smile:

The docs we follow are here: Help And Training Community

Did you find an issue with the full scope or is there a concern around using it?

3 Likes

Hey @Jon. There are no issues as of now regarding the full scope as it works perfectly with it. I was just concerned as it wasn’t mentioned in the documentation. But if n8n requires full then it surely makes sense. Thank you for your reply!

2 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.