OAuth Token Refresh Fails with 401 During High Concurrency Load Test

Could someone explain why our service account tokens expire rapidly during peak load? We are running JMeter with 500 concurrent threads hitting the /api/v2/oauth/token endpoint. After about 200 requests, we start receiving 401 Unauthorized errors instead of fresh access tokens. The client credentials are correct, and this works fine at low concurrency.

Is there a specific rate limit on the token refresh endpoint that we are hitting? We need to maintain stable WebSocket connections for our simulation. Any advice on configuring token caching in JMeter or adjusting the request interval would be appreciated.

You might want to check at the OAuth scope configuration for that service account, as high-concurrency token refreshes often hit implicit rate limits if the scope includes admin-level permissions that trigger stricter security throttling. The documentation suggests breaking down the scopes to only what is strictly necessary for the webhook payload generation, which usually bypasses the 401 errors during load testing.