Running into a clock skew issue with the Genesys Cloud Android SDK. The AccessToken refresh succeeds locally, but subsequent calls to /api/v2/ return 401 Unauthorized. The server time is ahead of the device clock by 3 seconds, causing the exp claim to look invalid on the backend. Is there a way to inject a time offset into the AuthenticationProvider in Kotlin, or do I need to handle this via a custom HTTP interceptor?
The 3-second skew is a known edge case with OAuth JWT validation. The server rejects the token because the exp claim falls in the past relative to its clock, even if your local refresh worked. You don’t need a custom interceptor. Just adjust the system clock on the device or emulator.
In we usually handle this by adding a that checks the token expiry and forces a re-auth if the remaining time is less than 10 seconds. For the Android SDK, you can implement a similar check using the platformClient authentication provider.
val authProvider = PlatformClient.getAuthenticationProvider()
val token = authProvider.getAccessToken()
if (token != null) {
val exp = token.expiry // Unix timestamp
val now = System.currentTimeMillis() / 1000
if (exp - now < 10) {
authProvider.refreshAccessToken()
}
}
This forces a refresh before the server clock catches up. If the device clock can’t be fixed, you’ll need to handle the 401 in a retry loop. The SDK doesn’t expose a time offset injection point. It relies on standard JWT validation rules.