Available in: Axsy Mobile for Salesforce, Autumn '24 edition and later


Problem

If you see, while attempting to publish a new Axsy sync config (with the default option to generate metadata enabled), either a INVALID_SESSION_ID or a 401 error, as shown in the examples below, this may be due to one or more Salesforce configuration settings that that block API calls made by the IP address of the Axsy Mobile app that are different to that of your logged in user.




You may be able to resolve the above issue with simple Salesforce configuration changes or you may need to configure a new connected app, auth provider and named credentials.


Note: When publishing Axsy sync configs with the default Create Metadata? option enabled your user must have access to the Salesforce Tooling API, via the View Setup & Configuration permission in Salesforce. See our related article details. 



Resolutions

Resolution 1: Salesforce Org Session Settings

  • Navigate to SetupSession Settings and uncheck Lock sessions to the IP address from which they originated.



Resolution 2: User Profile Session Setting

If you are still unable to publish your config this may be due to a further Salesforce configuration setting associated with multi-factor authentication (MFA) and login security levels.

  • Navigate to SetupProfiles ➔ Select the relevant profile, e.g., System Administrator Session Settings and set Session Security Level Required at Login to None. Previously the setting would have been High Assurance which blocks the publication of the Axsy sync config.


Resolution 3: Connected App / Auth Provider / Named Credentials


Note: This resolution is supported in Axsy Autumn '24 and later editions.


Resolution 3 will allow publication of your Axsy sync config if either resolutions 1 and / or 2 above do not solve your problem or you do not want to use these resolutions (even temporarily) due to security reasons.


Note: Resolution 3 does not downgrade your org security and If you implement Resolution 3 you do not need to also apply Resolutions 1 and / or 2.



Step 1 – Create a Connected App

In this step we will create a connected app that will make API calls to a component in the Axsy Mobile for Salesforce managed package.

  • Navigate to Setup  Apps App Manager and click the New Connected App button
  • Click Create a Connected App and click Continue as shown below:


  • Provide the following configuration details:


SettingConfiguration
Connected App NameAxsyApexAPI
API NameAxsyApexAPI
Contact EmailYour email address
Enable OAuth SettingsChecked
Callback URLAny temporary URL (we will change this later)
Selected OAuth ScopesFull access (full) and
Perform requests at any time (refresh_token, offline_access)
All Other SettingsLeave default values unchanged


  • Your configuration will look like the example below:


    Save your changes and click Continue on the advisory screen that follows, see example below:



  • Navigate to Setup ➔ Apps App Manager ➔ Click View on AxsyApexAPI from the list of apps
  • Click on the Manage Consumer Details button and copy the Consumer Key and the Consumer Secret.


Step 2 – Create an Auth Provider

In this step we will create an Auth. Provider. This authentication provider will be used later to facilitate authentication in your org.

  • Navigate to Setup ➔ Identity  Auth. Providers
  • Click the New button
  • Provide the following configuration details:

SettingConfiguration
Provider TypeSalesforce
NameAxsyApexAPI
URL SuffixAxsyApexAPI
Consumer KeyYour consumer key from Step 1
Consumer SecretYour consumer secret from Step 1
Default Scopesfull refresh_token offline_access
All Other SettingsLeave default values unchanged


  • Your configuration will look like the example below:


  • Click Save.
  • For your newly created Auth. Provider, open it from the list of Auth. Providers and copy the Callback URL as shown below:


  • Navigate via Setup Apps ➔ App Manager click on Edit for AxsyApexAPI from the list and update the Callback URL copied above as shown below:


  • Click Save and Continue on the following screen.

Step 3 - Create a Named Credential

  • From Setup Security Named Credentials  Click New Legacy (via the drop down arrow next to the New button)
  • Provide the following configuration details:

Setting

Configuration
LabelAxsyApexAPI
NameAxsyApexAPI
URLYour org instance URL
Identity TypeNamed Principal
Authentication ProtocolOAuth 2.0
Authentication ProviderAxsyApexAPI
Scopefull refresh_token offline_access
Allow Merge Fields in HTTP BodyChecked


  • Your configuration will look like the example below:


  • Click Save.
  • Log back into your org
  • Accept the Allow Access screen, similar to the example below:



  • Confirm via Setup  Security  Named Credentials that your user is setup as a Named Credential user similar to the example below:


You may now publish your Axsy sync config.