The script keeps hitting a 401 Unauthorized error on the second request to /api/v2/routing/queues. Documentation suggests the platform SDK handles token refresh automatically when you pass credentials to the Configuration object. We’re calling the auth manager manually every ten minutes but it still drops anyway. Here is the setup we are using for the US/Eastern environment.
from genesyscloud import Configuration, RoutingApi
config = Configuration()
config.host = “api.us-east-1.genesys.cloud”
config.client_id = os.getenv(“GENESYS_CLIENT_ID”)
config.client_secret = os.getenv(“GENESYS_CLIENT_SECRET”)
api_instance = RoutingApi(Configuration.get_default())
The issue isn’t your manual refresh logic. It’s that you’re likely creating a new Configuration object or instantiating the API client outside the scope where the token is being refreshed. The Genesys Python SDK (genesyscloud) handles token caching and refresh automatically if you use the PlatformClient pattern or ensure the Configuration instance is shared. If you’re just doing Configuration() and setting the host, you might be missing the oauth_client_id and oauth_client_secret in a way that doesn’t persist across calls, or you’re hitting a race condition where the token expires between the check and the request.
Stop manually refreshing. The SDK has an internal token manager. You need to pass your credentials into the config once, and then reuse that single config instance. If you’re creating a new RoutingApi client for every call with a fresh config, you’re bypassing the cache.
Here’s how to structure it so the SDK manages the lifecycle:
from genesyscloud import Configuration, RoutingApi, PlatformClient
# 1. Setup config once with credentials
config = Configuration()
config.host = "api.us-east-1.genesys.cloud"
config.oauth_client_id = "your_client_id"
config.oauth_client_secret = "your_client_secret"
# 2. Use PlatformClient to handle the auth context properly
platform_client = PlatformClient(config)
# 3. Get the API instance from the platform client
routing_api = platform_client.get_api_instance('RoutingApi')
# Now make calls. The SDK handles refresh.
try:
queues = routing_api.get_routing_queues()
print(f"Got {len(queues.entities)} queues")
except Exception as e:
print(f"Error: {e}")
If you really want to stick to the raw Configuration class, make sure you’re not recreating it. The get_access_token method caches the token in the config object. If you’re seeing 401s, check if your client app has the admin:queue scope. Sometimes the token is valid but the scope is too narrow for the second call if it’s hitting a different endpoint. Also, verify the time on your server. Token refresh relies on system time. If it’s off by more than a few minutes, the refresh request itself might fail silently or get rejected.
Check the config.access_token property after the first call. If it’s None, the initial auth failed. If it’s a string, the SDK is caching it. If it’s expiring, the SDK should refresh it before the next call. If it’s not, you might be hitting a bug in an older SDK version. Update to the latest genesyscloud package. pip install --upgrade genesyscloud.
I’ve seen this happen when people mix requests library calls with SDK calls. Don’t do that. Stick to one method. The SDK is opinionated for a reason. It handles the OAuth2 client credentials flow and the refresh token logic. You’re fighting the framework here. Let it do the work.