Why does the /api/v2/platform/user endpoint starts returning 401 Unauthorized specifically when WebSocket connections exceed 150 concurrent sessions in the Singapore region?
I am running a JMeter script to stress-test the Genesys Cloud WebRTC integration. The setup involves generating OAuth tokens for 200 virtual agents. Everything works fine up to ~140 concurrent connections. Once I push past that threshold, the initial handshake succeeds, but subsequent attempts to fetch user capabilities fail with a 401.
The error payload is minimal: {"message": "Unauthorized", "status": 401}.
I have verified that the refresh token logic is correct and handles expiration gracefully in lower-load scenarios. The issue seems tied to concurrent token validation rather than expiry. Is there a hidden rate limit on the security validation endpoint itself? Or is this a known issue with the WebSocket connection pool in ap-southeast-1?
JMeter version: 5.6.2
Genesys Cloud Org Region: ap-southeast-1
Concurrency: 200 threads
Ramp-up: 0 seconds (instant load)
Any insights would be appreciated. I am stuck on this capacity planning blocker.
if i remember correctly, this is a rate limit on the oauth token refresh. the singapore region has stricter throttling. try adding a jitter to your jmeter script or switching to client credentials flow for the bots. also, check your provider config in terraform to ensure the token endpoint isn’t being hammered by concurrent apply blocks.
Depends on your setup, but generally the 401s stem from token refresh collisions in ap-southeast-1 rather than hard limits. Verify your ServiceNow Data Action handles transient auth failures gracefully. Add exponential backoff with jitter to the /api/v2/platform/user calls. The documentation suggests decoupling the handshake from the immediate ticket creation to avoid hammering the token endpoint during peak WebSocket load.
Depends on your setup, but generally the issue is not just rate limiting but how the token lifecycle is managed during bulk export jobs for digital channels.
Does anyone know why the /api/v2/platform/user endpoint starts returning 401 Unauthorized specifically when WebSocket connections exceed 150 concurrent sessions in the Singapore region?
The Singapore region has stricter throttling on OAuth token refreshes. When running stress tests with JMeter, the concurrent requests often collide on the token endpoint. For legal discovery and chain of custody, it is critical to capture the exact timestamp of these 401 rejections. If the token expires during a bulk export job, the metadata integrity can be compromised.
Try adding exponential backoff with jitter to your script. Also, verify that your ServiceNow Data Action handles transient auth failures gracefully. Decoupling the handshake from the immediate ticket creation helps avoid hammering the token endpoint. This approach ensures that the audit trail remains consistent even under high load. Check the Recording API documentation for best practices on handling 429 and 401 errors in bulk export scenarios.