InControl API Authentication Issues

When authorizing using a client token, if I send 1 request a second for 5 seconds, maybe 1 will correctly authorize and 2 will says 401 unauthorized.

This is causing intermittent timeout issues for syncing with current peplink data. It would be nice to have a long lived API token or API key based access to the api.

We see you also raised a ticket on the issue. We are following up with you.

It is likely that your application is multi-threaded. When a thread finds an access token is invalid, the thread will refresh the access token by itself. However, only one access token can be valid at a time. If every thread also refreshes the access token by itself, one thread will invalidate another thread’s access token. So no thread could use its access token for a prolonged time. That’s why you see the unauthorized so often.

In this case, i also hard coded the token and it still intermittently fails for 401. I’m using a backoff strategy for 401 unauthorized errors and usually it’ll pass the first time, fail a few times, then pass again. This is with a 1-5s delay between each request.