[SalesForce] How to determine the correct ‘audience’ and ‘uri’ when using OAuth 2.0 JSON Web Token (JWT) Bearer Token Flow

I have correctly been able to use "OAuth 2.0 Web Server Authentication Flow" and now I'd like to switch to "OAuth 2.0 JWT Bearer Token Flow".

I wrote a test application in Node.js with these two values:

audience: 'https://instance.salesforce.com'

and

uri: 'https://instance.salesforce.com/services/oauth2/token'

The response that is coming back is stating:

null
400
{"error":"invalid_grant","error_description":"audience is invalid"}

Also, when I look at the Salesforce Dashboard Login History, I can see "Failed: Audience Invalid".

The question I have is, how do I determine the correct 'audience' and 'uri' value. At the moment, I am using the sandbox.

Best Answer

You only need audience for the OAuth 2.0 JWT bearer token flow, and for the Salesforce sandbox the value is always https://test.salesforce.com.

You don't need uri for this flow. The document below is a great resource for this:

https://help.salesforce.com/articleView?id=remoteaccess_oauth_jwt_flow.htm&type=5