Anyone free to help troubleshoot this specific authentication failure pattern during a recent load test execution.
Context:
Environment is US1. Using JMeter 5.6 with Genesys Cloud SDK 2.3.0. The test scenario simulates 500 concurrent agents logging in and refreshing tokens via the /api/v2/oauth/token endpoint. The goal is to validate auth service stability under peak load.
At approximately 120 concurrent requests per second, the system starts returning HTTP 401 Unauthorized errors instead of the expected 200 OK with a new access token. The error message indicates “invalid_grant” or “token expired” even though the refresh tokens were generated less than 10 seconds prior. This happens intermittently, affecting roughly 15% of the requests during the spike. Standard rate limits for OAuth endpoints seem to be much higher, so this feels like a different constraint or a race condition in the token validation logic.
Question:
Is there a known limit on concurrent token refresh operations per client ID or per organization? The documentation mentions general API rate limits but is vague about auth-specific throttling. Could this be a WebSocket connection limit issue masking as an OAuth error? Any guidance on how to structure the token refresh strategy in JMeter to avoid these collisions would be appreciated. I am currently using a simple constant throughput timer, but maybe a more sophisticated pacing is required.