Unauthorized Access: Failed to validate token.

Hi Peter,

Thanks for your post! Are you generating signing URL, or a link built with Signer Authentication token? If the former, please make sure you generated the signing URL every time (instead of storing the signing URL locally). If the latter, because the signer authentication token can only be valid for 30 minutes, the token has to be consumed within half an hour before it expires.

Duo

Thank you for your response. I should have clarified we are generating a new "signing URL" every time via OneSpanSDK.getSigningUrl() and then immediately sending it to the signer. What are the most likely causes of "Failed to validate token"? 

I had another one of these reported this morning.  It was sent on 8/26.  The link that was sent was: 

https://apps.esignlive.com/authentication?target=https%3A%2F%2Fapps.esignlive.com%2Ftransaction%2F3qxaN4YTSNbkoTWAEDY5QfViv2I%3D%2Fsign&loginToken=R3h3ZnkvNVRyWm9zVzA4ZS94c2ovYnRDQ3kwNEducUlqdmliS0MrQW9GRFkvTFZETHduUFFkYnhtaVpiYnorMlhxdDlrdlp2ZW9ISmxoMUVpNEh6RUd1ZGMrWHdHQ0h2Y0hGdk90eCs4Mk9WdmdQcFhzYzVBOGREM2hHUW5NdXBUazlWWjJ0RGFUbFNNazgyYjNKcGNEW_XnZkRnBFUzBaYVkwVmFaR0ZLVTNOaVNtb3pZMEV5TWxKQmFFdHdaVmhXYW5CM1IwRTJhbFJNVUVSbGIyeGhZVzh1TXMwWGpCTjFLMlRKTHNjekJESmpQRXRLM2taUnFSL3pUZlA3WlluRw%3D%3D

Hi Peter,

Thanks for your information! Few questions from my perspective:

(1)If you re-generated another Signing URL, is the "loginToken" be the same as the one you supplied above? Is the "Fail to validate token" error consistent?
(2)Have you by any chance filled in a support ticket for this issue?

Duo

Yes, I did re-generate another signing URL and the logintoken is different.  For one of our cases, the regeneration allowed the end user to successfully login and sign.

I'll send a support case.  

Thank you!