question

grant-botma avatar image
grant-botma asked Phong Vu commented

Why am I getting 'OAU-213: Token Not Found' when refresh token has not expired?

We built an application that syncs with clients' CRMs and sends automated text messages from their sales campaigns. New clients are asked to log in and obtain an OAuth Token via Authorization Code Flow. We have a scheduled task that sends an automated text message for any user whose refresh token will expire within two days in order to ensure that users don't have to log in once a week and obtain a new token. This works most of the time, but every so often one of the tokens that we have cached and encrypted fails to refresh when we send the automated text that is supposed to obtain a new token. The error we've been getting for these instances has been an 'OAU-213: Token Not Found'.


Can you provide any insight as to why this might be happening? The most recent instance of this occurred this evening (Thursday) for a user whose refresh token isn't set to expire until Saturday.

authentication
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Tyler Liu avatar image
Tyler Liu answered
We have a scheduled task that sends an automated text message for any user whose refresh token will expire within two days in order to ensure that users don't have to log in once a week and obtain a new token.
Could you please elaborate?  Which programming language are you using? Which API endpoint are you invoking in order to refresh the token?  I feel confused by "sends an automated text message  ... to obtain a new token"
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

grant-botma avatar image
grant-botma answered
Which programming language are you using?
Ruby, RoR app using the unofficial Ring Central Ruby SDK:  https://github.com/ringcentral-ruby/ringcentral-sdk-ruby

Which API endpoint are you invoking in order to refresh the token?
SMS message endpoint. From what I can tell, the Ruby SDK doesn't have a method that explicitly performs a token refresh. The Faraday client that the Ruby SDK uses automatically refreshes the token when a message is sent, so we have a rake task scheduled that sends out an automated text message when a user's refresh token is about to expire in order to obtain a new token. 

The user for whom the 'OAU-213: Token Not Found' error occurred when this automated text was being sent out. I pulled the data for his OAuth 2 token, and the refresh token is not set to expire until Saturday, so I'm confused as to why we're getting this error. Does this make sense?

1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Tyler Liu avatar image
Tyler Liu answered Phong Vu commented

OK, there are 3 possible reasons:

1. Each user could have no more than 5 active tokens. If a user login 6 times in different processes, the first login token will be invalidated.

2. Token could be saved into the database and shared among processes. A token was refreshed somewhere (maybe in another process) but you forgot to save the new token. Old token was expired immediately after the refresh.

3. There is a bug on the RingCentral API Server side.

If you believe #3 is the root cause, please send the exception together with timestamp and stacktrace to the developer support team on a support ticket.

5 comments
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

John Wang avatar image John Wang ♦♦ commented ·
Another reason this can happen is if you use a token against a different environment from which is was created, e.g. if you create the token on production and use it in sandbox:


0 Likes 0 ·
Adithya PK avatar image Adithya PK John Wang ♦♦ commented ·

In my case, I am pretty sure 1 and 2 are not the case.

I have tested with POSTMAN and there are no specific steps to reproduce this error. It is occurring very sporadically. It is definitely a bug on RingCentral API Server side.


In 2, you said "Old token was expired immediately after the refresh". It is not the case. It is still valid. After spending more than 3 hours I couldn't find when exactly this error could happen and it is not documented clearly anywhere :(


@Tyler Liu Sometimes, using freshly fetched refresh token is also giving this error.

0 Likes 0 ·
Philip Manavopoulos avatar image Philip Manavopoulos commented ·

Sorry to dig up an old thread, but is there any way of getting a notification/alert/webhook if the 1st scenario happens?

I'm having a similar experience as described, and I'm positive it's not #2, since it's all taken care of well with locks/mutex.

But since it's customers connecting their RingCentral account to my service, I have no way of knowing or controlling how many active tokens they may or may not have for other services.

For some extra context, I've been looking at my logs, and it just seems completely random that the tokens vanished. The tokens hadn't just been refreshed (chance of a race condition or having been updated), the access token started failing, and the refreshing is also failing now.

Thanks!

0 Likes 0 ·
Philip Manavopoulos avatar image Philip Manavopoulos Philip Manavopoulos commented ·

I've just had this happen on the 3rd account in the last 15 hours, after it not happening in a long time.

0 Likes 0 ·
Phong Vu avatar image Phong Vu ♦♦ Philip Manavopoulos commented ·

This is less common and could be because of your way of handling access token or just a particular case on an extension/account. I recommend you for such a scenario, open a support ticket and give more details about the background, app info and the account info so they can help to track it down.

0 Likes 0 ·
alex-mcritchie7074 avatar image
alex-mcritchie7074 answered
Thank you Tyler.  Reason 1 was exactly the issue we were having.
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Anirban avatar image
Anirban answered

Another condition I like to add is when a valid token is revoked using revoke API (reference) it shows the error message token not found. Since the token is already revoked, it will generate that message

1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Developer sandbox tools

Using the RingCentral Phone for Desktop, you can dial or receive test calls, send and receive test SMS or Fax messages in your sandbox environment.

Download RingCentral Phone for Desktop:

Tip: switch to the "sandbox mode" before logging in the app:

  • On MacOS: press "fn + command + f2" keys
  • On Windows: press "Ctrl + F2" keys