We're sometimes receiving a 'Failed to validate token.' error
Monday, November 13, 2023 at 11:00amWe're using OneSpanSDK to generate e-signatures for clients, we're maybe generating ~800 per day. Every now and again a client will receive an
Unauthorized Access
Failed to validate token.
Error message. They seem to be random, and not very frequent, but due to the use-case, we need these to work straight away due to clients being in walk-in-centers and not always having emails we can email out a new link to.
Any suggestions why this may happen?
Thank you in advance.
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Monday, November 13, 2023 at 12:48pmHi Cameron,
Thanks for your post! Could you also fill in a support ticket ([email protected]) for your issue?
From your description, it sounds like your application is generating an signer authentication token, and building the signing ceremony link like below:
https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}
The error occurred when signer accessed the link?
There's actually another type of signing URL: https://community.onespan.com/documentation/onespan-sign/guides/feature-guides/developer/creating-signing-session
The key difference between the two links are: signer authentication token expires in 15 minutes and the signing URL won't expire.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Tuesday, November 14, 2023 at 09:27amHi,
We are using the getSigningUrl(packageId, role.Id) to provide the sign URLs. What else could be causing this issue?
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Tuesday, November 14, 2023 at 09:43amHi Cameron,
In this case, are you generating a new signing URL every time or did you store the old link? Updating recipient info could be a reason which invalidates the signing URL.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Tuesday, November 14, 2023 at 09:45amHi Duo,
We generate a new signing URL for each package & recipient information will not be updated after this.
As soon as the package has been created and the URL is returned, the client instantly goes in to sign their document.
Thanks,
Cameron
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Tuesday, November 14, 2023 at 09:47amHi Cameron,
In this case, I would suggest to fill in a support ticket and our support agents will help you check the logs and narrow down the cause of issue.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Monday, November 27, 2023 at 12:43pmCameron,
Let us know what you find out. We have a similar implementation and I have been chasing this one for a long time and have not been able to establish a root cause. Support did not have an answer for me at the time. We see it on a very small percentage of transaction. I thought at one point it has something to do with the reserved apex keyword "_X" appearing in the token but I could not prove it.
Peter
Reply to: We're sometimes receiving a 'Failed to validate token.' error
Monday, November 27, 2023 at 04:06pmHi Cameron,
Peter refers to a previous post he made here:
https://community.onespan.com/forum/x-getting-removed-package-id
So I might get the same question to you: how you are generating the signing URL? I doubt the ootb APEX sdk has this function, were you creating your own function like the shared code I created in this guide? Or did you modified based on an existing SDK function?
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer