Multi-server Architecture for S2S OAuth solution and token_index

With the impending deadline for the discontinuation of JWT authentication, I am struggling to come up with a good architecture that will allow me to use the S2S OAuth solution. At issue here is the whole “token index” problem. We have two different applications (a legacy .NET Framework 4.8 solution and a new .NET 6 solution in progress) that require use of the OAuth token. They may be running a dozen or more different servers, and because we only have a max token_index of 2, we’re required to come up with some complex distributed locking solution to synchronize all the different threads on use of one of the two possible tokens.

Restricting to a single OAuth token is not in the OAuth spec (if it is, I’d like to know where). It seems that, based on the other threads on this topic, I am not alone in struggling with this problem.

What is the reference architecture here?

I think this may be my saving grace:
Multi Access tokens launched for S2S apps - Announcements - Zoom Developer Forum

Somehow I missed this announcement.

I was in the same boat as you and had started designing a solution that would allow multiple instances of an app to share a single OAuth token without one instance invalidating the token for the other instances (you can see the now-abandoned effort here). But, like you, I noticed the announcement and realized that I no longer need to worry about this problem.