Fixing Authorization Errors

Sometimes when connecting a salesforce organization for the first time, a couple of settings need to be tweaked such that Blue Canvas can function properly. Below you'll find a handful of things to check to get your branch up and running.

Connected Apps OAuth Settings

1. From setup, enter "oauth" in the quick find box and then click "Connected Apps Oauth Usage"
2. On the right, under "bluecanvas.io" click "Install". If it's already installed, click "Manage App Policies".
3. Click "Edit Policies" and you should see a screen like this.

• Ensure under "Permitted Users" you have "All users may self-authorize" selected.
• Ensure under "IP Relaxation" you have "Relax IP Restrictions".
• Then click "Save"

OAuth User-Agent Flows

1. From setup, enter "oauth" in the quick find box and then click "OAuth and OpenID Connect Settings"
2. Make sure "Allow OAuth User-Agent Flows" is "On"

Ensure Connected Profile Has Correct Permissions

1. From the quick find box enter "profiles" and then click on "Profiles".
2. Select the profile of the user you're trying to connect with. It's highly recommended you use a user with "System Administrator" privileges.
3. Click "Edit".
4. Ensure "Modify All Data" and "Modify Metadata Through Metadata API Functions" are both checked.

Session Settings

1. From the quick find box enter "Session Settings" and then click on "Session Settings"
2. Ensure the "Timeout Value" is 2 hours or longer
3. Ensure "Lock sessions to the IP address from which they originated" is unchecked
4. Ensure "Lock sessions to the domain in which they were first used" is unchecked
5. Ensure "Enforce login IP ranges on every request" is unchecked
6. Finally, be sure to click "Save" at the very bottom of the page