From time to time it happens that a created S2S OAuth token becomes invalid and cannot be used anymore for API consumption before the 3600 seconds of validity are over.
Unfortunately, I have not yet been able to reproduce the problem in order to narrow it down to a certain behavior of our API clients. But from a gut feeling, it happens after this token has been used for creating/deleting users and/or creating/deleting meetings.
Does anyone have an idea what could be the problem, or even similar experiences?
Do you have multiple instances of your application running at the same time (e.g. in a clustered environment)? You might be running into the undocumented “feature” where the previous OAuth token is invalidated when you request a new one.
At the moment, kind of, yes. But the problem, in fact, is that it is apparently not documented anywhere. When it is documented, you can take it into consideration.
Then I see two options:
1. You create a new token every time you want to call any API. This is surely not how it should be done because the token is valid for one hour, and it would decrease performance of your app.
2. You save the token somewhere in your DB together with a valid-to timestamp. Then you can reuse it every time you need it, and create a new one when the valid-to moment has been reached.
FWIW, we did option #2 as well, only we didn’t store it in the DB, we used AWS Secrets Manager. We also wrote a scheduled Lambda that would rotate the token every 50 minutes.
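
The pattern discussed in this thread, as an added example that is not part of any post here and is not vendor code: several application instances share one token record with a valid-to time, and only one of them refreshes it, 10 minutes before expiry. `FakeTokenEndpoint`, `SharedTokenCache`, the `store` dict and the `lock` are hypothetical stand-ins (for the token endpoint, the DB row or secret, and its lock); the invalidate-on-reissue behaviour is modelled as the thread describes it.

```python
import threading

class FakeTokenEndpoint:
    """Constructed stand-in for the token endpoint. Issuing a new token
    invalidates the previous one, as described in the thread."""
    def __init__(self):
        self.current, self.issued = None, 0

    def issue(self):
        self.issued += 1
        self.current = f"token-{self.issued}"
        return self.current, 3600  # (access_token, expires_in seconds)

    def is_valid(self, token):
        return token == self.current

class SharedTokenCache:
    """One app instance's view of a token record shared by all instances.
    `store` and `lock` stand in for a DB row / secret and its lock."""
    def __init__(self, fetch, store, lock, clock, margin=600):
        self.fetch, self.store, self.lock = fetch, store, lock
        self.clock, self.margin = clock, margin  # margin 600 s: refresh at 50 min

    def get(self):
        with self.lock:  # only one instance may refresh at a time
            rec = self.store.get("s2s")
            if rec is None or self.clock() >= rec["valid_to"] - self.margin:
                token, expires_in = self.fetch()
                rec = {"token": token, "valid_to": self.clock() + expires_in}
                self.store["s2s"] = rec
            return rec["token"]

def demo():
    endpoint, now = FakeTokenEndpoint(), [0.0]
    # Uncoordinated instances: the second request kills the first token.
    a, _ = endpoint.issue()
    b, _ = endpoint.issue()
    stale_still_valid = endpoint.is_valid(a)
    # Coordinated instances: both read the same shared record.
    store, lock, clock = {}, threading.Lock(), lambda: now[0]
    inst1 = SharedTokenCache(endpoint.issue, store, lock, clock)
    inst2 = SharedTokenCache(endpoint.issue, store, lock, clock)
    t1, t2 = inst1.get(), inst2.get()
    both_valid = endpoint.is_valid(t1) and endpoint.is_valid(t2)
    now[0] = 3000.0  # 50 minutes later: the next caller rotates the token
    t3 = inst2.get()
    return stale_still_valid, t1 == t2, both_valid, t3 != t1, endpoint.issued

if __name__ == "__main__":
    print(demo())
```

Each instance reads the shared record on every call instead of keeping its own in-memory copy, so a rotation performed by one instance is picked up by the others on their next request.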