Salesforce Spoke OAuth 1.0 – Access and Refresh Tokens Tied to Different Users?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a week ago - last edited a week ago
I’m looking for confirmation on how Salesforce Spoke OAuth 1.0 credentials are stored and associated in ServiceNow.
Observation / statement to validate:
For Salesforce Spoke OAuth 1.0, the Access Token and Refresh Token exist as separate records and may be associated to different user values, so no single user record contains the full token pair.
What I’m seeing:
For the same credential name (Salesforce Spoke OAuth.1), there are two OAuth-related records:
One Refresh Token tied to one user
One Access Token tied to a different user
Both records:
Share the same credential name
Are current and recently updated
Differ only by token type and user association
(Screenshot attached for reference.)
Questions:
Is this an expected design for the Salesforce Spoke OAuth 1.0 implementation?
Is the user field here more of an execution/context marker (e.g., MID Server or system user) rather than true token ownership?
At runtime, does ServiceNow internally resolve these into a valid token pair even though they are stored under different users?
I want to confirm whether this is normal platform behavior or something that warrants further investigation.
Thanks for any insight.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a week ago
Hi @lonesoac01 ,
In our system , I observed the same . Not for all Saleforce profile but for 2 sales force profile.
Mid server one created by Discovery user.
Till your connection is working , Do not worry on that.
