Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Microsoft Graph API intermittent error "Token not found: token is either invalid or expired" resolves itself after retry

I am making requests to the Microsoft Graph REST api (beta), specifically to the sign-in event endpoint: https://graph.microsoft.com/beta/auditLogs/signIns

I am making batch requests that retrieve sign-ins for a particular user in batches of 1000. Starting around the 25th of september, these requests would fail after roughly 10-50 batches, with the following response, with a 400 (Invalid Request) HTTP error code:

"error": {
  "code": "",
  "message": "Token not found: token is either invalid or expired",
  "innerError": {
    "request-id": "[request-id-redacted]",
    "date": "2019-09-30T22:27:36"
  }
}

However, if I retry the requests after waiting ~1s, with the very same JWT web token, the requests succeed and I'm able to complete all the batch requests for the job I'm running. The access token I receive when initially authenticating expires in 1 hour, but this error crops up ~1-15 minutes after I receive the token (I've confirmed the unix timestamp expiry date I get w/ the token).

I'm wondering what could be the cause of this error, and how I could avoid it, other than hard-coding the specific response message and retrying. I was unable to find any matches on google for the error message, either. Has anyone seen this error before from the Microsoft Graph API?

like image 793
GoogieK Avatar asked Oct 01 '19 00:10

GoogieK


People also ask

How long are Graph API tokens valid for?

Refreshed tokens are valid for 60 days from the date at which they are refreshed. Tokens that have not been refreshed in 60 days will expire and can no longer be refreshed.


1 Answers

"I was unable to find any matches on google for the error message, either. Has anyone seen this error before from the Microsoft Graph API?"

Yes. I'm querying the https://graph.microsoft.com/beta/reports/credentialUserRegistrationDetails MS Graph endpoint, and I'm seeing exactly the same thing you are. Intermittent responses with status code 400 and this error message: "Token not found: token is either invalid or expired", only a minute after requesting an access token.

I'm using the @odata.nextLink value to page through the results, however it's proven to be very unreliable due to this issue. Sometimes I will get the entire set of results, other times I will only get a portion of it. Even when I sleep for 5 seconds between each nextLink request, the error still appears.

This started happening for me this week. Before I was getting consistent results.

Your approach to perform a retry might be the best one for now:

if response.status_code == 400:
  retry_request()
like image 110
Miguel Alex Cantu Avatar answered Oct 30 '22 03:10

Miguel Alex Cantu