cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3330
Views
11
Helpful
8
Replies

The token limit has been reached - JWT issue

tomer.berger
Level 1
Level 1

Hi. While trying to validate or use a freshly generated JWT in a guest issuer application, we receive the following error in console browser: uncaught (in promise) r: The token limit has been reached. Please try again later.

Is there any limitation for the amount of tokens which can be generated or use in a period of time? Is there any way to clear / delete existing used / unused JWT sessions?
Thanks in advance.

8 Replies 8

sandiban
Cisco Employee
Cisco Employee

Hello @Mykhailo
Thanks for sharing the details here! 
First of all, I think the initial URL - https://idbroker.webex.com/idb/oauth2/v1/tokens/me?authtoken=true, as sent by Rudrakshi should be working fine here.
I didn't try with cURL command though this time, tried in POSTMAN and it works fine!
Screenshot 2023-01-12 at 10.34.31 AM.png
May I ask you to directly run it POSTMAN once and see how it works. 
In POSTMAN, Select the Request as Delete from dropdown, put the URL, in the Request Body section - make the required adjustments as shared in the screen shot, in Authorizations tab - put the Guest Issuer Token which you want to delete and Send the Request.
As shared in the screen shot above, in the Response section you can find the status, it should be a "204 - No Content" since you're Deleting something.
I'm not saying the other EU cluster URL wouldn't work at all, it's possible that sometimes the URL as I mentioned will not work due to busy cluster, that time you might try with the other one as well i.e., https://idbroker-eu.webex.com/idb/oauth2/v1/tokens/me?authtoken=true and either should work.

Let us know if you're able to solve the problem this time.
Regards,
Sandip

Hello @sandiban 

My webex subscription is located on the EU cluster. Between the time of creating a guest token and its removal, it takes me 5-30 minutes, during this time the token does not have time to appear on the American cluster, so I use Idbroker-eu.webex.com

Hi @Mykhailo MS
Thanks for the background!
I think we need further verification on this and need the latest trackingId as well.
Could you kindly share the details over devsupport@webex.com and it'd raise a case in our queue. We can take this further from there.
Please share one of your sample Token in the mail and also kindly share the latest trackingId.
And for the reference, keep this Community Forum discussion link - https://community.cisco.com/t5/webex-for-developers/the-token-limit-has-been-reached-jwt-issue/m-p/4748841 in your mail as well so that easily we can track it.
Thanks!
Sandip

Rudrakshi
Cisco Employee
Cisco Employee
As per the error, looks like the user you're trying to generate the new access token for, has reached the limit of 750 active access tokens. It is a system-wide limitation for all user accounts.
As a workaround you should be able to revoke/delete access_token that was generated for a Guest user using below cURL command:
curl --request DELETE --header "Authorization: Bearer {access_token_granted_to_guest} " https://idbroker.webex.com/idb/oauth2/v1/tokens/me?authtoken=true


Best regards,
Rudrakshi Srivastava

I deleted my latest access token, but is there a way to delete all my access tokens ?

sandiban
Cisco Employee
Cisco Employee

Hi @Gati

No, there is no way to force delete the old Access Token/s. I'm using the word "force" because anyway when a fresh Access Token is generated then the old Access Token is expired.
So, you can't gather those old access token and deleting them, it doesn't make any sense either.

BTW, if you want to delete the complete Integration which actually provides the credentials for generating Token, by any chance if you meant that, then you could follow this API documentation - https://developer.webex.com/docs/api/v1/authorizations
This should help!

Please let us know for any further assistance.
Regards!
Sandip

Hi Rudrakshi,

curl --request DELETE --header "Authorization: Bearer {guest issuer access token}" -i "https://idbroker.webex.com/idb/oauth2/v1/tokens/me?authtoken=true"

replies that the token is not valid, but it is not

Server:

{
"error":{
"key":"400",
"code":"400309",
"message":{"error_description":"Invalid token ID(s)"},
"trackingId":"NA_XXXXXXXXX"
}
}

API changed?