Notice - Intermittent OAuth Authorization Code Issues

  • 1
  • Problem
  • Updated 2 years ago
  • (Edited)
Overview

We have identified an intermittent issue with OAuth authorization code grant where exchanging an authorization code for an access token may temporarily fail due to a synchronization issue. This is being resolved by our engineering team and we will provide an update here when it is available.

Temporary Workaround

A temporary workaround is to retry the authorization code exchange within your application. This needs to be done before the authorization code expires with a recommended delay of 3 seconds.
Photo of John Wang

John Wang, Official Rep

  • 5,496 Points 5k badge 2x thumb

Posted 2 years ago

  • 1
Photo of TextUs Services

TextUs Services

  • 60 Points
What did you do if the authorization code is already expired? Thanks John!
Photo of Benjamin Dean

Benjamin Dean, Alum

  • 8,642 Points 5k badge 2x thumb
As part of this workaround, provided the authorization code trade request for a token is executed within three seconds, hopefully the authorization code is still valid.

If it is expired, I would recommend shortening the retry-delay to 2 seconds and see if that resolves the issue.

If that does not work, the appropriate authorization flow would be to consider the authentication attempt as failed, and to re-initialize the process for the end user (you could notify the user "we had a problem processing your authentication, please try again").
Photo of Benjamin Dean

Benjamin Dean, Alum

  • 8,642 Points 5k badge 2x thumb
Quick update for developers, we have began rolling out the fix to this solution in specific environments, and will continue until this rollout is scheduled to be completed on November 7th.

If your application begins experiencing any issues related to this topic during this phased rollout, please post those issues here with as much detail as possible (making sure to remove any sensitive information such as API keys, API secrets, etc...).