Oauth Refresh Token invalidated on password change
Hi,
When a user changes their password and chooses to "Terminate all active web and mobile application sessions." this appears to invalidate the refresh token however the App is still listed in Connected Apps. As a developer how can I get a new refresh token without requiring the CRM user to re-authenticate with our v2 app as it is already showing as connected in Connected Apps?
The process is:
- User authenticates with V2 API app.
- V2 app is working fine with the refresh token retrieved
- User changes password and checks "Terminate all active web and mobile application sessions."
- V2 app starts getting errors that the refresh token is invalid however the v2 app is still listed under Connected Apps.
Thanks.
Topic Participants
squirrel_m
Affan Mohammed
Sticky Posts
Deprecation of SMS-based multi-factor authentication (MFA) mode
Overview of SMS-based OTP MFA mode The SMS-based OTP MFA method involves the delivery of a one-time password to a user's mobile phone via SMS. The user receives the OTP on their mobile phone and enters it to sign into their account. SMS-based OTPs offer