Gen-python-sdk auto-refresh token behavior vs manual refresh_token grant

General Discussion
1

Does the gen-python-sdk actually handle token refresh automatically if I just initialize it with ClientSecretAuthenticator?

I’ve been manually managing the token lifecycle using the refresh_token grant type because our tokens have a short TTL. It’s working fine, but I want to simplify the codebase. The docs for ClientSecretAuthenticator say:

“This authenticator will automatically refresh the token when it expires.”

So I swapped my custom refresh loop for the built-in authenticator. Here’s the setup:

from genesyscloud.auth import ClientSecretAuthenticator
from genesyscloud.platformsdkclient import PlatformSDKClient

auth = ClientSecretAuthenticator(
 client_id=CONFIG['client_id'],
 client_secret=CONFIG['client_secret'],
 oauth_server_url=CONFIG['oauth_server_url']
)

client = PlatformSDKClient(auth)

I ran a long-running job that hits /api/v2/conversations/conversations every few seconds. After the initial 3600s token expired, I expected the SDK to fetch a new one in the background. Instead, I got a 401 Unauthorized on the next request.

I added some debug logging to authenticator.py and it looks like the refresh_token method isn’t being called. It’s just retrying the failed request with the old token, failing again, and raising an exception.

Here’s what I’ve checked:

  • Python version 3.9.18
  • genesys-cloud package version 1.12.5
  • Scopes are correct (admin:all, conversation:all)
  • No custom interceptors are blocking the refresh

The code works perfectly if I manually call auth.get_token() before each request, but that defeats the purpose of the “automatic” refresh. Am I missing a configuration flag to enable the background thread? Or is this a known issue with the current SDK version?

I don’t see any enable_auto_refresh parameter in the constructor. Feels like I’m doing something wrong, but the docs are pretty clear about this behavior. Maybe the thread isn’t starting?

Here’s the error trace snippet:

genesyscloud.platformsdkclient.exceptions.ApiException: (401)
Reason: Unauthorized
HTTP response headers: HTTPHeaderDict({'WWW-Authenticate': 'Bearer realm="Genesys Cloud"'})

Any ideas why the auto-refresh isn’t triggering?