For a deeper look into our Elektron API, look into:
Overview | Quickstart | Documentation | Downloads | Tutorials | Articles
We received this message twice over the weekend: {"error":"access_denied" ,"error_description":"iPlanet session has been expired." } while re-authenticating. It fixed itself after authenticating again.
Curious what it means as we generally try to keep our session alive 24/7.
Hi @vikas.khurana,
Does this happen only when you refresh your token? Does your token refresh properly? You mentioned it fixes itself - I’m not sure what that means.
Also, I assume your are connecting to ERT in Cloud?
Thanks.
Yea it happens upon trying to refresh the token. By "fixes itself" I mean we are able generate a new token then recreate the websocket session and are up and running again.
The error seems to cause by the expired refresh token (18 hours) The workaround is to perform authorization with user/pass instead.
See also at : https://community.developers.refinitiv.com/questions/41556/electron-gets-disconnected.html
The development team also look into this for permanent fix.
Hi @vikas.khurana,
The error indicates your token has expired. I believe this is occurring due to a timing issue. Are you using the exact time provided in the "expires_in": 300 field to request for a new token? Initially, I found that most times I was able to refresh my token using this exact value (300 seconds), but periodically the timers don't fire in sync. I found that if I give a 10 second leeway, i.e. 290 seconds, it seems to consistently work. Give that a try.
i actually do it in half the expire time, so if comes back at 300 seconds I refresh it every 150 seconds. Whats interesting is the expire time was not always 300 seconds when the error happened. Here is a log of what happened up to the iPlanet error.
[LogTime: 05:33:25.166] Successfully Re-Authenticated. Token expires in: 300 seconds.
[LogTime: 05:35:55.594] Successfully Re-Authenticated. Token expires in: 300 seconds.
[LogTime: 05:38:26.204] Successfully Re-Authenticated. Token expires in: 300 seconds.
[LogTime: 05:40:56.670] Successfully Re-Authenticated. Token expires in: 138 seconds.
[LogTime: 05:42:06.294] Successfully Re-Authenticated. Token expires in: 289 seconds.
[LogTime: 05:44:31.209] Unable to authenticate, received 401 Unauthorized. HttpEntity.Strict(application/json,{"error":"access_denied" ,"error_description":"iPlanet session has been expired." } )
There may be reasons why the expire time coming back is different. Have you tried many different retry times? Picking half the time seems overly aggressive and I'm not sure what the effect will be if you get expire times like 138 seconds and picking half of that. Can you try a much less retry time, say only 10 seconds less?
thanks.
Hi @vikas.khurana,
Can you provide logs showing the details? You didn’t clarify but are you setting the leeway by 10 seconds, that is 290 secs?
Yep that is correct.
Here is the relevant part of the log (there are a bunch of ping/pong messages sent about every 20 seconds in between):
[AkkaTime: 19:48:14.089UTC] Successfully Re-Authenticated. Token expires in: 300 seconds.
[AkkaTime: 19:53:04.521UTC] Failed. Code: 401 Unauthorized, Entity: HttpEntity.Strict(application/json,{"error":"access_denied" ,"error_description":"iPlanet session has been expired." } )
Hi @vikas.khurana,
The best course of action is to open a support ticket on the https://my.refinitiv.com/ site. Given this will likely require troubleshooting on the server side, you will likely need to provide your Machine ID as part of your question. To open a ticket, click on the above link and do the following:
