This is a follow up of the question:
Does SFDX jwt authorization work for scratch orgs as well?
We need to obtain a jsForce connection towards the Scratch Org. After we have created, we select the AuthCode from ScratchOrgInfo and we build the loginUrl from the ActiveScratchOrg as so https://${SignupInstance}.salesforce.com
return new jsforce.Connection({
instanceUrl: loginUrl,
clientId: : clientId,
clientSecret : clientSecret,
redirectUri: "http://localhost:1717/OauthRedirect",
accessToken: AuthCode,
version: '40.0',
})
using the same clientId we use to perform the jwt auth grant on the DevHub, and the matching clientSecret taken from the DevHub Org. We verified that:
- our ScratchOrgInfo field ConnectedAppConsumerKey matches the clientId
- the ConnectedAppCallbackUrl matches the redirectUri in the login
Still, we get
invalid_grant: authentication failure
What are we missing to get the authentication succeed? Also, if the organization has been created some time ago, we notice that we would instead get
invalid_grant: expired authorization code.
One additional strategy we tried was to use the sfdx-cli node package to get the result of force:org:list --json --verbose and pass the accessToken, and now the error is different:
invalid_grant: expired access/refresh token
