- Genesys Cloud Environment: US01, Production
- SDK Version: @genesys/cloud-messenger-sdk v2.1.0
- AppFoundry App Type: Premium, Multi-Org Enabled
- Authentication Flow: Client Credentials with PKCE
- Last Successful Sync: 2023-10-24 14:30 PST
Could someone explain the intermittent 401 Unauthorized responses occurring during token refresh cycles for our multi-tenant integration? The application successfully authenticates using the initial client credentials grant, but subsequent refresh attempts fail consistently when the token expiration approaches the 3600-second mark. The error payload indicates invalid_grant despite the refresh token being valid and properly stored in secure session storage. This behavior is isolated to specific organizations within our deployment, suggesting a potential discrepancy in how the OAuth server handles concurrent refresh requests from multiple user sessions originating from the same app instance. Rate limiting does not appear to be the cause, as the request volume remains well below the documented thresholds for the platform API. The issue disrupts real-time data synchronization for contact center supervisors, forcing manual re-authentication. Has this pattern been observed in other premium app deployments, and is there a recommended retry strategy or token caching mechanism that mitigates this race condition?