How does the Data Action outbound step actually handle OAuth token refresh when hitting the WFM schedule API?
Problem
Porting the old Five9 supervisor routing logic, and the Data Action keeps bombing out after the first execution. The initial request grabs the bearer token fine, but the second parallel branch hits a 401. GC platform is running 2024.11 with Data Action runtime v2.1. The flow just needs to check if a tier-two agent is actually logged in before queuing the call.
{
"method": "GET",
"url": "https://myorg.mygenesiscs.com/api/v2/wfm/schedules/availability",
"headers": {
"Authorization": "Bearer {{session.accessToken}}"
}
}
Error
The console spits out {"code":"invalid_token","message":"Access token expired or revoked"}. The token lifecycle in Data Actions doesn’t auto-renew like the standard Architect HTTP step does. You’d think it’d pull from the session cache, but it just drops. The whole prod queue is sitting there doing jack all while the IVR loops.
tried routing the refresh through our vault proxy and forcing a new grant on branch split. still hitting 401s on the second leg. it’s definitely caching the initial token. does the runtime actually honor the override or just stick to the default cache?
{
"token_strategy": "per_branch_refresh",
"scopes": ["schedule:write"]
}
calling /api/v2/wfm/schedules directly shows the same 401 when the grant expires mid-flow.
The per_branch_refresh strategy looks solid, but the runtime v2 cache is notoriously sticky on parallel splits. Forcing a new grant via the vault proxy usually hits the rate limit before the token actually expires. That approach doesn’t really help. The second leg is likely reusing the same auth header object from the first branch instead of spinning up a fresh session.
Try injecting a dummy HTTP step right before the WFM call to flush the context. Does the error log show a specific expiration timestamp mismatch, or just a generic unauthorized error? Setting reset_session_on_split: true in the data action definition usually forces the runtime to drop the cached headers.
{
"reset_session_on_split": true,
"auth": {
"force_reauth": true
}
}