In AgilePoint NX if you want to connect your process diagram or form to Salesforce, you are required to create an access token for Salesforce where you would specify the Client ID and Client Secret which is obtained from a Connected App created in Salesforce.
Please refer to the following URL for details on how to create access token for Salesforce
Salesforce Access Token – Configuration
However if you see a symptom that after running for few hrs the access token stops working, you might want to check the AgilePoint server error log at the following location “C:\Program Files\AgilePoint\AgilePointServerInstance\log\error”
Note: If you installed AgilePoint in a different drive or different location, please select the log file under corresponding installation folder. Check if you see following error in the log file
StartRenewableEntry(), exception caught. System.InvalidOperationException: <AgilePointServerException>Exception Response Body {“error”:”invalid_grant”,”error_description”:”expired access/refresh token”}
Header Name:Strict-Transport-Security, Value :max-age=31536000; includeSubDomains
Header Name:Pragma, Value :no-cache
Header Name:Transfer-Encoding, Value :chunked
Header Name:Cache-Control, Value :no-cache, no-store
Header Name:Content-Type, Value :application/json;charset=UTF-8
Header Name:Date, Value :Wed, 25 Jan 2017 03:23:00 GMT
Header Name:Expires, Value :Thu, 01 Jan 1970 00:00:00 GMT
Header Name:Set-Cookie, Value :BrowserId=TRn1TnLuTzWBdWtQrgWO0g;Path=/;Domain=.salesforce.com;Expires=Sun, 26-Mar-2017 03:23:00 GMT</AgilePointServerException> —> System.Exception: Exception Response Body {“error”:”invalid_grant”,”error_description”:”expired access/refresh token”}
Header Name:Strict-Transport-Security, Value :max-age=31536000; includeSubDomains
Header Name:Pragma, Value :no-cache
Header Name:Transfer-Encoding, Value :chunked
Header Name:Cache-Control, Value :no-cache, no-store
Header Name:Content-Type, Value :application/json;charset=UTF-8
Header Name:Date, Value :Wed, 25 Jan 2017 03:23:00 GMT
Header Name:Expires, Value :Thu, 01 Jan 1970 00:00:00 GMT
Header Name:Set-Cookie, Value :BrowserId=TRn1TnLuTzWBdWtQrgWO0g;Path=/;Domain=.salesforce.com;Expires=Sun, 26-Mar-2017 03:23:00 GMT
at Ascentn.Workflow.Base.ChatterAccessTokenSDT.GetRefreshAccessToken()
at cu.w(String A_0)
at ak.RenewAppSettingEntry(String entryID)
— End of inner exception stack trace —
at ak.a(Exception A_0)
at ak.RenewAppSettingEntry(String entryID)
at e.a(IWFAPI A_0, String A_1, Int32 A_2)
If you see the above error, this is due to missing OAuth2 scope in the Salesforce Connected App. It is a common misconception that just giving “Full Control” scope would give you all other permissions as well. However that is not the case. It does not give you permission to obtain refresh token which will help you keep connection alive by auto renewing it.
Following permissions are required to be given to connected app in Salesforce before it is used in access token in AgilePoint NX
- Full Control
- Perform request on your behalf at anytime (refresh_token, offline_access)
If the second permission is missing, it will result in no refresh token being issued alongwith OAuth2 access token and hence it will expire after a fixed time hence resulting in the error.
Here is a screenshot of OAuth2 scopes to be assigned while creating access token