For a deeper look into our Elektron API, look into:

Overview |  Quickstart |  Documentation |  Downloads |  Tutorials |  Articles

question

Upvotes
Accepted
1 0 0 0

Authentication Refresh Failures

I have a 64-bit C# application running on Windows 10/11 that is making a successul initial request for the Authentication access_token. The URL for this request (and subsequent refresh) is https://api.refinitiv.com:443/auth/oauth2/v1/token. This access_token is successfully used in the WebSocket LogIn. After a prescribed interval (less than the "expires_in" seconds), the s/w requests a refresh of the access_token. The response sometimes is "OK", but unfortunately, many times the response is HTTP Status BadRequest RECEIVED: { "error": "invalid_grant"}. With this failure, the WebSocket disconnects. There can be upto six (6) successfult sequential "OK" refresh cycles, but out of the blue, there is arrives a failure.

Can anyone suggest the cause of the Authentication access_token refresh failure?

#technologyauthenticationrefresh
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

Upvotes
Accepted
55.8k 144 45 65

@tony10

Sorry about the issue that you are facing.

According to the Limitations and Guidelines for the RDP Authentication Service article, typically, each account has only one active session (refresh token). A refresh token will be invalidated if other users use the same account with the password grant to get a new refresh and access token.

If you use the invalidated refresh token with the refresh grant to get a new access token, you will get the following error.

{
    "error": "invalid_grant"
}

In conclusion, the same account may be used by multiple users at the same time.

I hope that this information is of help

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Hi, thank you for replying. That article of your's did help.


It would cetainaly be useful to have more information in the "error" than "invalid_grant". Maybe put the reason for the rejection?


However, my issue is complicated by the unreliable LogIn responses from the RCC. I do not know if you are the address for this.

@dave.1

To get the exact reason for the rejection, you can directly contact the product support team directly via MyRefinitiv. The product team may verify the server log to find the reason for the rejection.