Bi-directional synchronization issue: Authorization header

Problem

After installation, you cannot get Salesforce to update any data in Salesforce for any objects or if you are seeing the following issue:

Failed getting a request token. HTTP Code = 400. Message: Bad Request. Response Body: oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key

Pre-Condition

You've confirmed the following

When updating a record in Salesforce, it is successfully added to the Magento Queue
Magento Queue is automatically being processed and you can see status of records being changed
All records have "Success" message before they are removed from the Queue
You see the following error in salesforce logs sf-trace-0.0.log file

2015-10-22T19:18:08+00:00 DEBUG (7): ========== Sync from Salesforce Start ==========
2015-10-22T19:18:08+00:00 DEBUG (7): ERROR: Authentication failed!
2015-10-22T19:18:08+00:00 DEBUG (7): ERROR: Authorization invalid, possible attack!

Solution

You server might be stripping out "Authorization" header from the request. You need to make sure Authorization header is not stripped out from the HTTPS request

Apache Configuration File (Example)

....

# For ELB SSL offloading

SetEnvIf X-Forwarded-Proto https HTTPS=on

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

ProxyPassMatch ....

Make sure the "Authorization" line is above the ProxyPassMatch for fcgi

Integration with Salesforce

Bi-directional synchronization issue: Authorization header

Problem

Pre-Condition

Solution

Related articles

Related content