OAuth Token Revocation Failure in Multi-Org AppFoundry Deployment

sip_nerd · February 10, 2026, 7:15pm

Why is this setting causing intermittent 401 errors during token refresh for our multi-tenant integration? We are deploying a Premium App across three distinct orgs using the standard AppFoundry OAuth flow. The issue arises specifically when the user context switches between organizations without a full session logout.

Environment details:

Genesys Cloud API v2
SDK Version: 10.2.1
Auth Type: Client Credentials with Delegation
Deployment: AWS Lambda Node.js 18

The token revocation endpoint returns a 204, yet subsequent API calls fail with invalid_grant. Has the delegation scope handling changed recently?

PlatformOps · February 10, 2026, 7:51pm

This falls outside performance dashboard scope, but the token refresh issue often stems from stale delegation scopes.

Explicitly invalidate the refresh token on org switch.
Ensure the delegated_user_id is cleared before re-authenticating.
Verify the SDK session is fully terminated.

Check the AppFoundry session lifecycle docs for the exact invalidation sequence.