OAuth2 Token Invalid
search cancel

OAuth2 Token Invalid


Article ID: 131492


Updated On:


CA API Gateway


The access token was retrieved at 23-04-2019 22:07:57 and used at 23-04-2019 22:10:46. However, an error was received stating the following 2019-04-23T22:10:47.566+0800 INFO 962 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: error: invalid_request, error_description: Access token does not exist (expired, revoked, replaced, unknown, ...).
This issue occurred intermittently at an average of once per day.


There are 2 gateway nodes in the cluster and the otk jdbc connection url is set as,


When there are 2 nodes, and each node connect to local otk database, and there will be delay even replication is running fine, and the oauth flow has multiple steps, the whole session might call the oauth endpoint on different node, therefore, the access token generated at one node, might not be found in the otk database on another node, and then it fails with error "Access token does not exist" 


specify hostname instead of localhost in otk jdbc connection

If want to configure failover, the jdbc url can be,
jdbc:mysql://<DB host 1>:3306,<DB host 2>:3306/otk_db?failOverReadOnly=false&autoReconnect=true&connectTimeout=100