DSS REST API: Sometimes the create token API returns an invalid token
Hi,
We are having an issue with one of our applications. Sometimes the DSS REST Api creates a token, without errors but when we try to use it (e.g. to retireve the fields available for a template) we get the following error (with a 401 response code):
{"error":{"message":"Authentication request failed because of invalid token"}}
Even retrying the RequestToken call doesn't help.
@Giovanni.Condello, is this issue solved or is it still occurring ? If it is still occurring, is there anyway you can capture the full request you are making to the API?
Does the problem still occur in your environment ? If so, is there anyway you can capture the full request you are making to the API?
Hi Wasin,
the issue was actually on the application side due a concurrency-related bug. Many thanks for all the help though!
Is it possible to get the Request Correlation Id for the call that failed with the 401?
See https://hosted.datascopeapi.reuters.com/RestApi.Help/Home/Diagnostics for more information on them.
As it turns out, we have lost some of our internal diagnostic logging and I do not have the token we received, I just see the same message you would have received:
Authentication request failed because of invalid token
If you happen to have the token you used, I would be happy to tell you why it failed when presented.
Note: Tokens are only good for 24 hours - is there any chance this token was older than that?
sorry for the late reply. Tokens are refresh at least every 6 hours so I'd say that's not the issue. Here are more details about other failed requests:
2018-02-15 08:50:54 Token is _hXpXG2Urx-7cAR2Bs7yqMUx12nSr4F1WngfGGsL-P99pGW1YJqJLg9AWm8Wacc-5pb7HKzq8iSgE2JOjFGTD8RrDxhyQGgk50Qkg1dkE2m7CpquqSP3fCTPIiGlncUsRGuSLVAAMu4cIldYPStQZL5QA0-1VcYd8Cp3hUS86OS-X408GeOOuVHeyQWYJK6A8Nt8IOC28VYHS1To6dg8PQiTnqjsBXsjQw2-nKTjp-sGGIZjmNdEPt6B9vEo2C9FYz2fRE8uu0RjxY69Ld1iNXibsZeEYhrLUdfeGQ5nvN7k
2018-02-15 12:29:53 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:29:54 Token is _rgr1rSjBjTwWfXfB_1HuD6e0twQLJ9g0xkbf0Ohp2spXS7QfIrH1qopHEhPqCqrwFtQVhvHJxQVVBrwyGoTuio4JGDl-vCYfxG7-saYt6fNx4U659Q6fuV1NVZ7ejx2R5y6JfHFPmf35tka6QmJNXnrfFmYGgoum7q0C06zpfyiJRrFR4KrjE9uGJDY6g6ULX60MvUnW0nStRoumL_XPe2xNLh5zjhu5yM99N7o1V23z33TvjFEh4LI5YOlTfKNKDti6QGSA_hPSK7JHBOaBygbH-FLlaq4LEcY7D8c2B-c
2018-02-15 12:29:54 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:29:56 Token is _TybakKm1sr9Jt--w9GISfHYr_qS2kGXz6S2NWyJiOCOIUVcqlKhRCGn3-Tm8N84l1Y3BwG9yfC8ozvZ7OnUnusQFn59oMi9cwV7_I4foxmlX7Q_-NPrFQakQrXbwV1Z5tFY9afTVWB-xBxBCtbFnVsVPkHGaxUExROW2OmT8Z4xua2fHYM5lFgkw4vZBMd1Jh_te-oDmErSE3TyGSM6uOyzoqd3DagO6CNDc7ZiKhsYtGXn94cMqoIklrfPigjxFZBSkDKf3lyQmKCsxbx1IIB9vWdGceKfCsbPknmuwaZI
2018-02-15 12:29:56 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:29:58 Token is _9eksyxWFYQGg3jpSoqr8fK7hNUrZoNBXmLDD7w8Ntgf7izB1HlKtjWlIBzO0ri_dTE0jNNDh4GHheIBIagBT36_8BGxbPijQKX4Kqakc_MHRVxe2or0sXrNs9_O0hd48lHS-F3R4jpY6R-Gp_frD12WxtoqDFT4iAUt3CbstunRlZTuocN6jTjPRryCjnj0v7ezP8U4QSjzqnHjVWPqT4KQ-vPNjb--g0x3f9Ndeo6Zad-z8AoXN91MN9Sa3KBEcDXGV9RsXMbr9ztU3_HsFE2Dmf-o12f8XRmqt0dDt6Sw
2018-02-15 12:30:39 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:30:39 Token is _AdnQOKyOOIP2DFyPFECJJFoOXB7Y0UBa3n-pop39zGp2NBXbc08J6CSces8PAYRoZl6FxQFODfuUA5RjUy2ntLyIWzS-tb74P2xAQWj5JQz1LTcc7YdvNVlOfRunlh_tWk8C5V-Lk7EZgA8WestPKvhkJGe2ztymWQa2STOxdkIWbZdzdljLYzh6Dl8G1_Vr1IIHNsSHvtXqpxVR_HyT9OWr0b28QWwPzONclOoje35lWSnC9rmXYgiWGRI4-3P4Bv39yhY96Ib55QSVa6imVMkTxR56PJQ3H7Y137t0bZ8
2018-02-15 12:30:39 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:30:40 Token is _yb96fMJGGbBUwZCHLHsF8eiJu2Obk1mIZQmjsQG39TamWph2__ANij_hDOAiguoG5iz_ZQdiwlMM3Didl4dky6ucevIN39YypPp_rwu-7FEWQiqfNd0Qf4kNq1FxVqDycTw8gFEVKzAHWA-oVo-Pu02t1BKQ1fpggP-ih3RPXDdjzDKHnFHEWB6VX1kOrhXEax1ZG6kqqa6X_bUHDZ4YY_fQiMFGTLRX_U6oXmOdyvfrM76Xlu9qiSchZoWZMsKZ1vB5N-rFwwIoEoIsg_OAT14NQm-jfvN5gknoTzgJQvE
2018-02-15 12:30:40 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:30:40 Token is _pqb9P3CviyyeUGdGe7czOvjTqL2Lp4dRWzWIV6UQGkgTWFEnmzHIWhxOU99Rnohp9uA23Kktqc9TuJ_Y0UBEl7I-fV_SPpRcykj3QmRBh7cUihFaxWPXvIcmcA1B5OBDsqrDsCLwX5NQg7_uYdheg_bBFaRpZFI6Srfw_Em9AeqT515A4hiq2WoFflPRMb46TZFi5XMKITxg3nRyrztHqjS-QBSgVnoSGqPRYwUBw5EwtQWxi4H0bp7dJBfJ7UNKp04EnK6bzHwFYtreEDuWb7jBRzJF2gHEWD8C71tL2qo
2018-02-15 12:38:36 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:38:36 Token is _3csW9doB4wx0QsPjww8nxAsT4WQkQZG0NXCTYKHA6y5Ew4CDtSRGSdgrx3o7s4Tkrj-mQmaETmcsHbLEPR6NPZRfk1YQBZAO66ymOMv0R6MHrmBbKBN7Pp4Ipk1QvKXwXnflfmOpGL6ZRhQseWWC9irOe767Tbr7q8WcH7qx2cRUlFAGZcAxpqlhtdvA97S-i4l-vFW6BSzk3EE_EUF0CDoVvHYZLH7glGsN7-sAvXufNpxTBYt_1wuFLL89xrO7D9fNdo-XKGkdBJkij-Rk8emHo3_XUJUuz07h5WtB2ag
2018-02-15 12:38:36 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:38:36 Token is _tMxL5Wce78ldJhy1mlQeSezZi822zeeTEvJCf4jBgMuLaoMuvd69DeT5OJKgaPfWE9vyVdX_rgQ9jdIwjiluvu1urFssGeTeTYOcYOsxw8xipKpmaua4l49NGqJhqZiZ6eI7L9L4NAsWzy0S20UYU5ziPN5ZXnePOH4hvzkyPLjmOtHWwicG_HwT5fuMRbfyMXi3qSy5TFk7FGTTEv4OSXCthKaJi-BlWwdoTMFL5BNF8QRb1YtcatR_Dh5cK-ebNQLgN6Bfy4IIpqKHVN7zWKCG8QTc5ME7NuaVXUPPDXg
2018-02-15 12:38:36 HTTP status: 401 (Unauthorized). Authentication token is invalid or has expired. Response body: {"error":{"message":"Authentication request failed because of invalid token"}}. CorrelationId: 9eb20a09-c283-4c96-8a84-114b3d807957
2018-02-15 12:38:36 Token is _uBWvCPE3b87ZRyK4KVk6nHHWlu5bDAsUEM2cqpor5Wx3OkpPoqOzL77aXJf1QD5HM6n_4cH0V-X5Nt0v7CMihU5h2PMuK9ock9Rj-w3f7xAJd5pu4ntw5ivZ5jgmdkaCrizJKK-SQfrl2Phxk9ndF8xhUaOJPQNL40kJ0aQ7KeRbtpQrxNAbLQhnEeB4lNeyn8Ifo6Id61lxejF5N00EfbHALlGvBPWlFpl5Yk_7in6JTCs-PFGGY2BdOi6szDbpaSSPB6C8p8GcMx_rHGBG0IoUmL2GrogZ-SxyKDXTGAQ
I am not sure what happened to the reply I attempted to post here a few weeks ago... but it is definitely missing.
I was not able to determine anything from all that diagnostic data. Is there anyway you can capture the full request you are making to the API?
I have confirmed that our local logs will have the necessary diagnostic data in them to show me the exact token that was submitted to all 401 returned requests, but until then, I cannot find anything that helps me understand why you are seeing this.
I can say that this is the only report of anyone not able to use their tokens for the full 24 hours and so I am curious to know that we have confirmed that we're sure your systems are not attempting to use a token past 24 hours?