1. Reltio Support
  2. Knowledge Base
  3. Auth

Resolving "Invalid Refresh Token" and "Invalid Access Token" Errors During Daily Load Operations

denorgil.dixson
Updated

Problem

When performing daily load operations, users may encounter the following errors:

  • "Invalid refresh token" error in Postman when attempting to refresh the access token using the same refresh token.
  • "Invalid access token" error, which may occur instead of the refresh token error.

Both errors prevent the successful completion of daily loads, leading to interruptions in automated processes.

 

Root Cause

The most common cause for these errors is the use of the same refresh token and access token across different IP addresses. This can happen when requests are routed through different locations, and requesters typically don’t have control over this routing mechanism.

 

Solution

To resolve the "Invalid refresh token" or "Invalid access token" error, follow these steps:

  1. Revoke the Refresh Token:
    • Use the Revoke API to revoke the refresh token before its 28-day expiration window closes. This ensures that the refresh token is invalidated, allowing the system to generate a new one if needed.
  2. Understand Token Expiration:
    • Access tokens typically last at least 450 seconds. If an access token expires before this period, it will not use the refresh token to get a new one, leading to expiration errors.
    • If the access token's lifespan is shorter than expected, you may need to address the root cause of the token expiration issue. In most cases, ensure your system’s token expiration policy is set correctly.

Steps to Revoke the Refresh Token:

  1. Access the API Endpoint:
    • Make sure you have the correct API endpoint for revoking the refresh token. Typically, this will be an HTTP request to your authorization server’s revoke endpoint.
  2. Execute the Revoke Command:
    • Use the Revoke API by sending a request to the endpoint, specifying the refresh token you want to revoke.
    • Example:                             
POST https://your-auth-server.com/revoke Content-Type: application/x-www-form-urlencoded token=YOUR_REFRESH_TOKEN 

 

  1. Verify Token Expiry:

    After revoking the refresh token, confirm that the access token expires correctly and that any subsequent requests using the refresh token will prompt the system to generate a new one.

  2. Test the Daily Load Operation:

    Perform a test by rerunning your daily load operation to ensure that the error no longer occurs, and the refresh token is successfully used.

Important Notes:

  • Access Token Expiry: As mentioned earlier, if an access token is shorter than 450 seconds, it will not use the refresh token to generate a new access token. Make sure that your access token settings are aligned with your system’s requirements.
  • IP Address Consideration: If your requests are routed through multiple IP addresses, check your load balancer or network settings to ensure that tokens are consistently sent from the same location to avoid issues.

Product Version Compatibility:

  • This solution applies to versions 1.2 and above of the [Your Product Name]. Ensure your version is up to date for compatibility.
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more