Riva Insight Server: Authentication Error When Using Login With Salesforce

  • Updated

Applies to Riva Insight On-Premise Server when using Login with Salesforce.

Issue

Upon loading Riva Insight in Outlook, any of the following error messages may appear:
 

HTTP_STATUS_BAD_REQUEST 

400 Bad Request

Unable to connect to Riva Insight

kb 2227.png

Potential Causes

  1. When using Login with Salesforce, there may be incorrect Client ID, Client Secret, or callback URL values defined. 
     
  2. When using a sandbox, or a custom domain, there may be an incorrect value for CustomDomainAuthUrl in the \Insight\webConnectionStrings file. 

Solution

To verify the app's callback URL:

  1. In Salesforce, as an admin, navigate to Setup. In the Quick Find box, search for App Manager. Locate the app used to connect Insight, then select View from the drop-down list on the right. This will bring you to Manage Connected Apps.

  2. Select the Manage Consumer Details button, which will open a new window. Enter your Salesforce administrator account credentials if required.

  3. Copy the Consumer Key (Client ID) and Consumer Secret (Client Secret) into a secure location.

  4. Under API (Enable OAuth Settings), check the Callback URL. Ensure that it is present and spelled correctly, with lowercase letters only.

  5. If necessary, click Edit to enter the correct Callback URL.

    Example: https://{servername}/{insightappname}/salesforce-oauth
                     https://insight.mycorp.com/insight/salesforce-oauth

  6. On the Riva Insight Server, check that the \Insight\webConnectionStrings.config file has the correct credentials in the following format:

     

    <add name="Insight.Auth.Salesforce.Oauth" connectionString="Key=YOUR-KEY-HERE;Secret=YOUR-SECRET-HERE;CallBackUrl=#InsightURL#/salesforce-oauth;CustomDomainAuthUrl=https://login.salesforce.com"/>



    Compare the Key and Secret values here to those copied from Manage Consumer Details in Salesforce, and update them if necessary.

    Note: There is no need to change #InsightURL#, because it is dynamically set.

  • If you are using a sandbox, update CustomDomainAuthUrl to https://test.salesforce.com;
  • If you are using a custom domain, update CustomDomainAuthUrl to the correct URL for that domain.
If using a custom domain, ensure the URL you were provided and will be adding is in the form: 
 https://{mydomainname}.my.salesforce.com or
 https://{mydomainname}.my.site.com/{communitysite}/login

 

To ensure you have the correct login url:

  1. Add ".well-known/auth-configuration" to the end of your Salesforce url. For example: 
    • https://{mydomainname}.my.salesforce.com.well-known/auth-configuration or
    • https://{mydomainname}.my.site.com/{mycommunitysite}/.well-known/auth-configuration
  2. Find "LoginPageUrl" on the page that is displayed, and update your "CustomDomainAuthUrl" with the value exactly as provided.
  3. Refer to Salesforce Auth Configuration Endpoint for more information

Was this article helpful?

/