Last Updated: Dec 20, 2024
Overview
This article explains the cause of fertft events with the description:
Token could not be decoded or is missing in DB
Applies To
- fertft events
- Refresh Token Exchange
Cause
- Reused: The Refresh Token family was previously invalidated due to re-use
  - If an application attempts to re-use a rotating refresh token, the refresh token family is invalidated, and the error “Reused rotating refresh token detected, revoked the family” is displayed. The token is then deleted from the Auth0 database. Any subsequent use of the same token will result in the “Token could not be decoded or is missing in DB” error message.
- Revoked: The Refresh Token was revoked
- Expired: The Refresh Token expired
- Pruned: The limit of 200 Refresh Tokens per user per application has been reached, and the token in question has been pruned
  - See: Limitations
Solution
Reused:
The application needs to be fixed to stop reusing Refresh Tokens.
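The re-use sequence described under Cause, and one way to avoid it, as an added example that is not Auth0's code: ToyTokenServer is a constructed in-memory model of rotating refresh tokens, and RefreshClient is a hypothetical client that stores each rotated token and serializes exchanges so the same token is never sent twice. All class and function names are assumptions made for this illustration.

```python
import secrets
import threading

class ToyTokenServer:
    """Constructed in-memory model of rotating refresh tokens (not Auth0 code)."""
    def __init__(self):
        self.active = {}     # current token -> family id
        self.rotated = {}    # already-exchanged token -> family id

    def issue(self, family):
        token = secrets.token_urlsafe(16)
        self.active[token] = family
        return token

    def exchange(self, token):
        if token in self.active:                 # normal rotation
            family = self.active.pop(token)
            self.rotated[token] = family
            return self.issue(family)
        if token in self.rotated:                # first re-use: revoke the whole family
            family = self.rotated.pop(token)
            for store in (self.active, self.rotated):
                for t in [t for t, f in store.items() if f == family]:
                    del store[t]
            raise PermissionError("Reused rotating refresh token detected, revoked the family")
        raise PermissionError("Token could not be decoded or is missing in DB")

class RefreshClient:
    """Hypothetical client: one current refresh token, one exchange at a time."""
    def __init__(self, server, token):
        self.server, self.token = server, token
        self.lock = threading.Lock()

    def refresh(self):
        with self.lock:                          # concurrent callers wait their turn
            self.token = self.server.exchange(self.token)  # keep the rotated token
            return self.token

def replay_stale_token(server):
    """Exchange once, then present the old token twice; return both errors."""
    old = server.issue("family-1")
    server.exchange(old)
    errors = []
    for _ in range(2):
        try:
            server.exchange(old)
        except PermissionError as exc:
            errors.append(str(exc))
    return errors
```

In this model the replacement token issued before the re-use is also deleted with its family, so the legitimate holder sees the same "missing in DB" error on its next exchange.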
Expired or Revoked:
The end-user needs to log in again to get a new Refresh Token.
Pruned:
If the application forces end-users to re-authenticate very frequently, the user will receive many Refresh Tokens. As a result, older Refresh Tokens stored in other applications can be pruned.
In such a case, the frequency of the forced re-authentication needs to be tuned.