Authorization token has expired

Answered

We're using a self-hosted version of YouTrack 2017.1 (Build 30867)

For two of our users now, (including myself, the administratior), our logins fail with the following error:

> Your authorization token has expired or is invalid. Re-enter your login credentials to refresh the token. If you are still unable to log in, please contact your administrator.

Resetting passwords doesn't fix it, and we've ended up having to delete and re-create users.

What steps should I be taking to diagnose the issue?

6 comments
Comment actions Permalink
Official comment

It turned out that there was an issue with old user merges. It is already fixed in the latest YouTrack build, so to resolve this issue we recommend to upgrade YouTrack.

Comment actions Permalink

I am seeing this error for a number of users but we do not self-host, it is on 2017.2 - is there a known issue?

0
Comment actions Permalink

We have the very same problems with 2017.3 (self hosted) - I'm even locked out with the admin account.

1
Comment actions Permalink

@Jko Hello,

 

Could you please let me know the exact YouTrack build that you're using? What's the exact error message? Do you use InCloud or standalone YouTrack?

0
Comment actions Permalink

@Lüba

Hi,

we are using:

  • 2017.3 standalone (currently on free plan because we are just evaluating at the moment
  • CentOS 7
  • zip-version
  • language set to german

The error is:

  1. I'm trying to login, but get redirect to hub login page.
  2. No message like "invalid user/password" appears (like it does when entering invalid data).
  3. URL contains an parameter (don't know the parameter name anymore) with value "Your authorization token has expired or is invalid. Re-enter your login credentials to refresh the token. If you are still unable to log in, please contact your administrator." - this message is only visible in the URL
  4. stopping and starting with -Djetbrains.jetpass.admin.restore=true did not help - login was still not possible (same error as above)

I can't exactly reproduce the error at will, but it happens a lot of time.

For us the main problem seems to be the default "admin" user. Luckily we created a second account which we promoted to admin permissions.

Yesterday, I got the error as described above and set the password at about 15:00 via the second user. After this, I was able to login. I tried several things to analyze/solve the problems (setting email, verify email, clearing logins, re-adding login). Was unable to login at 15:15, reset the password again (using the second account), worked again. A colleague of mine tried to login this morning with the "final" password from yesterday (15:15) - same token error.

I can not prove the following but maybe it helps: one of the hub-* logfiles said login was successful even when I got the token error. Can't find it anymore, it seems the logs are cleared when stopping/starting the server (which we did when we tried to restore the password via -Djetbrains.jetpass.admin.restore=true).

Because it seems it's related to the default "admin" user we disabled him and created a new admin user. Let's see how this works.

0

Please sign in to leave a comment.