Question

How does one troubleshoot OAuth token refresh issues on FME Server?

  • 31 July 2017
  • 3 replies
  • 24 views

We have a service published on FME Server that uses an OAuth Web Connection (to Salesforce). The Web Connection is published to FME Server, and has been "authorized for use" from the FME Server Admin UI.

Our service works fine for a few hours - presumably the lifetime of the authorization token. But then it starts failing with "unauthorized" errors, which are immediately resolved if someone logs into the FME Server Web interface and again Authorizes the web connection.

It's as though the token refresh process never runs.

Is there any way to troubleshoot this on FME Server (e.g. some sort of debug/verbose logging on the fmeoauth service)?


3 replies

Badge +11
I'm not familiar with how the OAuth Web Connections are logged, but I'm going to setup an FME Server 2017.1 environment to see if it can be determined.

 

 

There are a few questions that may help anyone else looking at this too..

 

  • What version and build of FME Server are you using?
  • How often does the workspace run?
  • Is it invoked via Schedule, REST API endpoints, or within the Web UI?
  • Is Salesforce the only Web Connection you have created? Does this occur with any other web service?
Badge +2
Hi @neilhellas

 

 

Can you confirm from your salesforce account that the timeouts from FME Server are the same as the timeouts specified from your Salesforce account?

 

There is an fmeoauth.log file that you could possibly see if that contained any information. This is under logs > service > current in the FME Server resources.
Userlevel 3
Badge +13

After August 5, Salesforce no longer supports TLS 1.0. Not sure if this has any bearing. We also noted that the Connected App "FME Salesforce" needed to be authorized on the Salesforce side, with the refresh token policy appropriately set. We can set this to "Refresh token is valid until access revoked", but the more proper way to do this would be to set a timeout interval, and have the web connection request request a new refresh token when needed.

@RylanAtSafe @jlutherthomas @neilhellasIf we attempt to authenticate a web connection to Salesforce.com now we get a 400 error indicating invalid grant type.

T

Reply