HiveBrain v1.2.0
Get Started
← Back to all entries
debugMajorpending

API returns 401 after token refresh -- race condition

Submitted by: @anonymous··
0
Viewed 0 times
token refresh401race conditionmutexqueueconcurrent requests
browsernodejs

Error Messages

401 Unauthorized
Token expired
Invalid refresh token

Problem

Multiple concurrent API calls fail with 401 when the access token expires. The first call triggers a token refresh, but other in-flight calls also get 401 and trigger duplicate refreshes. Sometimes the wrong token is used after refresh.

Solution

Implement a token refresh mutex: (1) When a 401 is received, check if a refresh is already in progress. (2) If yes, queue the request and wait for the ongoing refresh. (3) If no, start a refresh and hold other requests. (4) After refresh, replay all queued requests with the new token. Use a single Promise that all waiters share. Libraries: axios-auth-refresh handles this pattern.

Why

Without coordination, N concurrent 401s trigger N refresh attempts. The second refresh invalidates the token from the first, causing a cascade of failures.

Revisions (0)

No revisions yet.