Symptoms
We have in recent times had multiple issues with our customers experiencing their TDI solution stopped working due to Forbidden and Unauthorized results on their requests to our different services.
Essentially executions aren’t started due to authorization errors, which will be mentioned in the error message.
Cause
We are very sorry for the inconvenience this has caused our users. The cause has been determined to be a misconfiguration in our refresh tokens. Tokens received from sign in on our apps and services before the 23rd of October have an absolute lifetime assigned, meaning that the tokens expire. This behavior has now been adjusted. Services that should not require a periodic new sign-in to function, i.e. our Ingest Service and Execution service, will no longer receive tokens with an absolute lifetime.
Resolution
Unfortunately, we cannot control the already issued access tokens. To fix this problem you will have to sign into the Ingest service and/or Execution service again. This will provide you with a new token with no expiry.
You can run the Ingest Service Configuration tool and the Execution Service Configuration tool to make it start using this new option.
Note: This fix was deployed October 23, so if you have not signed out and in of the Ingest Service and/or Execution service after this, please sign out and in to get a new refresh token.
We also recommend you to upgrade to the latest TDI version (which automatically enforces a sign-in).
