Question

Why am I getting 'OAU-213: Token Not Found' when refresh token has not expired?

  • 21 April 2017
  • 6 replies
  • 4576 views

We built an application that syncs with clients' CRMs and sends automated text messages from their sales campaigns. New clients are asked to log in and obtain an OAuth Token via Authorization Code Flow. We have a scheduled task that sends an automated text message for any user whose refresh token will expire within two days in order to ensure that users don't have to log in once a week and obtain a new token. This works most of the time, but every so often one of the tokens that we have cached and encrypted fails to refresh when we send the automated text that is supposed to obtain a new token. The error we've been getting for these instances has been an 'OAU-213: Token Not Found'.


Can you provide any insight as to why this might be happening? The most recent instance of this occurred this evening (Thursday) for a user whose refresh token isn't set to expire until Saturday.


6 replies

We have a scheduled task that sends an automated text message for any user whose refresh token will expire within two days in order to ensure that users don't have to log in once a week and obtain a new token.
Could you please elaborate?  Which programming language are you using? Which API endpoint are you invoking in order to refresh the token?  I feel confused by "sends an automated text message  ... to obtain a new token"
Which programming language are you using?
Ruby, RoR app using the unofficial Ring Central Ruby SDK: https://github.com/ringcentral-ruby/ringcentral-sdk-ruby

Which API endpoint are you invoking in order to refresh the token?
SMS message endpoint. From what I can tell, the Ruby SDK doesn't have a method that explicitly performs a token refresh. The Faraday client that the Ruby SDK uses automatically refreshes the token when a message is sent, so we have a rake task scheduled that sends out an automated text message when a user's refresh token is about to expire in order to obtain a new token. 

The user for whom the 'OAU-213: Token Not Found' error occurred when this automated text was being sent out. I pulled the data for his OAuth 2 token, and the refresh token is not set to expire until Saturday, so I'm confused as to why we're getting this error. Does this make sense?

OK, there are 3 possible reasons:

1. Each user could have no more than 5 active tokens. If a user login 6 times in different processes, the first login token will be invalidated.

2. Token could be saved into the database and shared among processes. A token was refreshed somewhere (maybe in another process) but you forgot to save the new token. Old token was expired immediately after the refresh.

3. There is a bug on the RingCentral API Server side.

If you believe #3 is the root cause, please send the exception together with timestamp and stacktrace to the developer support team on a support ticket.

Thank you Tyler.  Reason 1 was exactly the issue we were having.

Another condition I like to add is when a valid token is revoked using revoke API (reference) it shows the error message token not found. Since the token is already revoked, it will generate that message

Sorry to dig up an old thread, but is there any way of getting a notification/alert/webhook if the 1st scenario happens?

I'm having a similar experience as described, and I'm positive it's not #2, since it's all taken care of well with locks/mutex.

But since it's customers connecting their RingCentral account to my service, I have no way of knowing or controlling how many active tokens they may or may not have for other services.

For some extra context, I've been looking at my logs, and it just seems completely random that the tokens vanished. The tokens hadn't just been refreshed (chance of a race condition or having been updated), the access token started failing, and the refreshing is also failing now.

Thanks!

Reply