I'm using this:
https://login.salesforce.com/services/oauth2/authorize?response_type=token&client_id=3MVG99qusVZJwhsnpw0Ov62MLLZLjNIZatabRXwIxuPnXlOwwS2tHJuZ_D1LcGuOpo5ZfFn6POz_re1f2iUQU&redirect_uri=https://login.salesforce.com/services/oauth2/success
Which gets redirected to (upon success):
https://login.salesforce.com/services/oauth2/success#access_token=ACTUALTOKENREMOVED&instance_url=https%3A%2F%2Findeni.my.salesforce.com&id=https%3A%2F%2Flogin.salesforce.com%2Fid%2F00Db0000000IC0yEAG%2F005b0000000hBMsAAM&issued_at=1433271628862&signature=1Il90AbUNRIy4%2Bfewvb5f7A%2Fahe0PSDJ%2BhS%2B8g53XqI%3D&scope=api&token_type=Bearer
As you can see, the redirected URL doesn't contain the refresh_token specified here:
https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_understanding_web_server_oauth_flow.htm
What am I missing?
Best Answer
I think you need to specify the scope, like this:
Specifically, this:
(This is what I use, and it works)