<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Salesforce API OAuth Error "Could not verify Salesforce administrator credentials" in Okta
Apr 15, 2026
Okta Integration Network
Okta Classic Engine
Okta Identity Engine
Overview

After re-authenticating the OAuth Consumer Key and OAuth Consumer Secret in the Provisioning tab of the Salesforce integration, an error appears in the Okta dashboard:

Could not verify the Salesforce administrator credentials

General error 

 

Provisioning tab

Applies To
  • Salesforce
  • Provisioning
  • OAuth Consumer Key
  • OAuth Consumer Secret
  • Okta Classic Engine
  • Okta Identity Engine (OIE)
Cause

This error can be caused by:

  • OAuth Consumer Key and/or OAuth Consumer Secret values are incorrect.
    • OAuth Consumer Key and Secret may have trailing spaces for the values.
  • The account that created the OAuth Consumer Key and/or OAuth Consumer Secret no longer has the correct permissions.
  • The account that created the OAuth Consumer Key and/or OAuth Consumer Secret is no longer active.
  • The OAuth app created in Salesforce is not configured correctly.
    • Require Secret for Refresh Token Flow needs to be enabled
    • All users who may self-authorize need to be selected from Setup > Manage Apps > Connected Apps > {{Connected App Name}} > OAuth Policies > Permitted Users.
  • The following correct OAuth scopes are not selected:
    • Manage user data via APIs (api)
    • Perform requests at any time (refresh_token, offline_access)
  • Specific Salesforce editions require the API feature to be purchased (Professional Edition; this information is subject to change and needs to be verified with Salesforce). 
  • The Single Sign-On (SSO) portion of the Integration is not configured correctly.
  • The Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows option is enabled within the Salesforce Connected App OAuth settings.

Session Settings

  • The Lock sessions to the IP address from which they originated option is enabled within the Salesforce Session Settings.
Solution

Please follow the video or the steps below:

 

  1. Generate new OAuth Consumer Key/OAuth Consumer Secret values.
  2. The OAuth app created in Salesforce must use the proper OAuth scopes and Profile type.
  3. Open an Incognito tab and redo the OAuth authentication flow for the Salesforce app in Okta. Use the same Salesforce account that created the connected OAuth app and generated the OAuth Consumer Key/OAuth Consumer Secret values to reauthenticate the Provisioning connector in Okta. 

NOTE: Ensure that copying and pasting do not have any trailing spaces.

 

Manage Connected Apps

Profiles

 

Related References

Recommended content

Still looking for help?
Loading
Salesforce API OAuth Error "Could not verify Salesforce administrator credentials" in Okta