question

grant-botma avatar image
grant-botma asked ·

'OAU-213: Token Not Found' when refresh token has not expired.

We built an application that syncs with clients' CRMs and sends automated text messages from their sales campaigns. New clients are asked to log in and obtain an OAuth Token via Authorization Code Flow. We have a scheduled task that sends an automated text message for any user whose refresh token will expire within two days in order to ensure that users don't have to log in once a week and obtain a new token. This works most of the time, but every so often one of the tokens that we have cached and encrypted fails to refresh when we send the automated text that is supposed to obtain a new token. The error we've been getting for these instances has been an 'OAU-213: Token Not Found'.

Can you provide any insight as to why this might be happening? The most recent instance of this occurred this evening (Thursday) for a user whose refresh token isn't set to expire until Saturday.
topic-default
1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Tyler Liu avatar image
Tyler Liu answered ·
We have a scheduled task that sends an automated text message for any user whose refresh token will expire within two days in order to ensure that users don't have to log in once a week and obtain a new token.
Could you please elaborate?  Which programming language are you using? Which API endpoint are you invoking in order to refresh the token?  I feel confused by "sends an automated text message  ... to obtain a new token"
Share
1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

grant-botma avatar image
grant-botma answered ·
Which programming language are you using?
Ruby, RoR app using the unofficial Ring Central Ruby SDK:  https://github.com/ringcentral-ruby/ringcentral-sdk-ruby

Which API endpoint are you invoking in order to refresh the token?
SMS message endpoint. From what I can tell, the Ruby SDK doesn't have a method that explicitly performs a token refresh. The Faraday client that the Ruby SDK uses automatically refreshes the token when a message is sent, so we have a rake task scheduled that sends out an automated text message when a user's refresh token is about to expire in order to obtain a new token. 

The user for whom the 'OAU-213: Token Not Found' error occurred when this automated text was being sent out. I pulled the data for his OAuth 2 token, and the refresh token is not set to expire until Saturday, so I'm confused as to why we're getting this error. Does this make sense?

Share
1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Tyler Liu avatar image
Tyler Liu answered ·
OK, there are 3 possible reasons:

1. Each user could have no more than 5 active tokens. If a user login 6 times in different processes, the first login token will be invalidated.

2. Token could be saved into database and shared among processes. A token was refreshed somewhere (maybe in another process) but you forgot to save the new token. Old token was expired immediately after the refresh.

3. There is bug on RingCentral API Server side.

If you believe #3 is the root cause, please send the exception together with timestamp and stacktrace to devsupport@ringcentral.com
2 comments Share
1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Another reason this can happen is if you use a token against a different environment from which is was created, e.g. if you create the token on production and use it in sandbox:


0 Likes 0 · ·
Adithya PK avatar image Adithya PK John Wang ♦♦ ·

In my case, I am pretty sure 1 and 2 are not the case.

I have tested with POSTMAN and there are no specific steps to reproduce this error. It is occurring very sporadically. It is definitely a bug on RingCentral API Server side.


In 2, you said "Old token was expired immediately after the refresh". It is not the case. It is still valid. After spending more than 3 hours I couldn't find when exactly this error could happen and it is not documented clearly anywhere :(


@Tyler Liu Sometimes, using freshly fetched refresh token is also giving this error.

0 Likes 0 · ·
alex-mcritchie7074 avatar image
alex-mcritchie7074 answered ·
Thank you Tyler.  Reason 1 was exactly the issue we were having.
Share
1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Anirban Sen Chowdhary avatar image
Anirban Sen Chowdhary answered ·

Another condition I like to add is when a valid token is revoked using revoke API (reference) it shows the error message token not found. Since the token is already revoked, it will generate that message

Share
1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.