OAuth error oauth_problem=token_rejected


When accessing content provided by the other application via an application link, you are prompted to authenticate, even though you have already authenticated in the past.

The following appears in the application log:




  • Two applications are connected together using Application Links
  • The authentication method used is OAuth
  • One of the application is using OAuth 2LO with "Execute As" via Incoming authentication.


The user has established an OAuth authentication token before, however on the remote the token is missing. This can be because of:

  1. The user has manually revoked the OAuth token at the other end
  2. The Application Link OAuth configuration was changed at the other end, triggering all OAuth tokens to be removed

After this warning appears once, the token will be discarded and the user will be prompted to re-authenticate, so besides the inconvenience, this should not cause any further problems. 

  • If you use 2-Legged OAuth (2LO) with an "Execute As" user, you are encountering the bug -  APL-1310 - Getting issue details... STATUS
  • If you use 2-Legged OAuth (2LO) with an Impersonation, you shouldn't get the warning message.


  • Re-authenticate to get a new token. This should happen the next time an application requires user authorization.

Last modified on Jul 11, 2016

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.