Unable to validate session-bound result token

rahul.bisht · August 16, 2018, 10:03am

Hi Team,
when we leave the hoisted login page of our application for a long time.It goes to error page of auth0 with error – Unable to validate session-bound result token.

{
“date”: “2018-08-03T06:43:20.954Z”,
“type”: “f”,
“description”: “Unable to validate session-bound result token.”,
“connection”: “Username-Password-Authentication”,
“connection_id”: “con_0OSTu5DYjGIPhuah”,
“client_id”: “0viZBdFDGCNE1STH5JS2XJz6lsULH9Ri”,
“client_name”: “”,
“ip”: “”,
“user_agent”: “Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0”,
“details”: {
“body”: {
“wa”: “wsignin1.0”,
“wresult”: “eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoiNWI0NTk1MmVjOThhNTM1NmE5OTk3ODQ1IiwiZW1haWwiOiJ5dWFuc2hlbmcueHVAc2llbWVucy5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibGFzdF9wYXNzd29yZF9yZXNldCI6IjIwMTgtMDctMTJUMDg6MTQ6NTUuMDE4WiIsInNpZCI6Ik5xNzhGdWpMRDdueEo1SnBvbDVjRHZRbWhWVW1vYlgtIiwianRpIjoiNWI2M2Y5ODhkODhhNjk0MDFjYTA3ZDYxIiwiaWF0IjoxNTMzMjc4NjAwLCJleHAiOjE1MzMyNzg2NjAsImF1ZCI6InVybjphdXRoMDpzaHNwcm9kOlVzZXJuYW1lLVBhc3N3b3JkLUF1dGhlbnRpY2F0aW9uIiwiaXNzIjoidXJuOmF1dGgwIn0.h4I_G4SfPpcPUriHWETH5S5sL8t_YgiFIuqjCHcvWrFPCThmCvP8O1yu1Th6EjSfJTiH7p7I_FobfcsygwWgMsxq8GmY8krnms3a3ZAAE5o5AKx3Hu4WUd89L8Az0K27TL3Ogtct3PW31pcpFLv8nsDklHw5EVfS1bILOlbQc98”,
“wctx”: "{"strategy":"auth0","auth0Client":"eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yLjMifQ==","tenant":"shsprod","connection":"Username-Password-Authentication","client_id":"0viZBdFDGCNE1STH5JS2XJz6lsULH9Ri","response_type":"code","scope":"openid email","redirect_uri":"teamplay
},
“qs”: {},
“connection”: “Username-Password-Authentication”,
“error”: {
“message”: “Unable to validate session-bound result token.”,
“oauthError”: “invalid_request”,
“type”: “request-error”
}
},
“hostname”: “”,
“log_id”: “90020180803064320954636544350907313481545897783823695874”
}

Carlos_Mostek · August 17, 2018, 4:37pm

There is a session timeout. I don’t know what the exact time is, it is something like 30 minutes or maybe a couple of hours. That timer starts when you redirect to /authorize, if the login doesn’t happen within that session timeout, then you can end up getting errors. You should be able to handle that error and redirect them back to the login page from your callback though, with some sort of “session timed out error, please log in again”.

dmytro.shaposhnik1 · August 30, 2018, 1:36pm

Just encountered same issue. Carlos, could you clarify how it can be handled?

trevors · November 21, 2018, 7:23am

Same issue here. It is in Auth0’s login hosting page… could you help me to redirect user to the login page?

rahul.bisht · July 2, 2019, 2:58pm

can we increase this timeout.