Access Token Expiring Early for Client Credentials Grant Type

I am obtaining a Client Credentials access token to call the Query for Conversation Details API. I have set the token expiration to 24 hours, and the token is issued with a 24-hour expiration. However, the token occasionally expires early, sometimes after only 10 hours.

Here is an example:

  • "expiryDate": "2024-11-27T17:30:36.9621875Z"
  • "UtilizedDate": "Wed, 27 Nov 2024 07:21:22 GMT"

This is the error message returned...

{
"message": "Invalid login credentials.",
"code": "bad.credentials",
"status": 401,
"contextId": "f81ce0c8-61da-4955-b808-fcc72a7207f6",
"details": [],
"errors": []
}

A well-formed application must be able to handle expired tokens and should automatically get a new token when this happens. If you require an investigation for this, please open a case with Care.

Regarding this

A well-formed application must be able to handle expired tokens and should automatically get a new token when this happens

Are you referring to Verify user token before utilizing the token.

No, I'm referring to this:

Your app should handle this 401 and get a new token at that time, then retry the request with the new token. Making an additional API request to check the status of the token is redundant and will cut your rate limit in half. You'll get the same 401 from any API endpoint whenever your token is invalid.

It would be ok to have a timer in your app that proactively gets a new token a few minutes before the expected expiration, but otherwise doing anything proactive to validate the token isn't necessary and your app should simply be responsive to handling failure conditions.

@tim.smith @Eos_Rios
Is the issue due to HIPAA Enabled in the org

@Dileepkaranki We don't have access to your org's data via the forum. Please open a case with Care for further investigation.

Probably a long-shot, but have you checked what value is returned by GET /api/v2/tokens/timeout ?

FYI @tim.smith
Case is raised and we understand the issue. The bottleneck is in our .net method to get token which is causing the issue. Previously it was not asynchronous and when we changed to asynchronous the issue is triggered and when the load is high on the application.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.