question

Upvotes
Accepted

RDP Authentication problem with multiple WebSocket sessions on a single user

Hi,


I have a problem when getting AuthenticationInfo JSON from RDP GW with multiple Websocket sessions.


We are running our identical Reuters Client applications on 5 different machines. So we connect to RDP on 5 different machines (each of them opens a websocket) by using same client_id, user and password.


We login Refinitiv Data Platform (RDP) GW by using https://api.refinitiv.com:443/auth/oauth2/v1/token url.



So,


On startup, when we try to login GW with takeExclusiveSignOnControl=false value flag (we don’t want to sign-off others) and password method we cannot login.

So on next try we are setting its value to true (takeExclusiveSignOnControl=true) and can login to GW then.


Application Logs (machine 1):


0525-174616.241-I-(RdpGwAuthentication) - RDP AUTH: Sending authentication request with password to url: https://api.refinitiv.com:443/auth/oauth2/v1/token

0525-174618.178-E-(RdpGwAuthentication) - RDP AUTH: Authentication failed! - HTTP statusCode=400, reason=Bad Request : HttpResponseProxy{HTTP/1.1 400 Bad Request [Date: Tue, 2

5 May 2021 17:46:18 GMT, Content-Type: application/json, Content-Length: 77, Connection: keep-alive, X-Amzn-Trace-Id:

Root=1-60ad37e8-0f332d4c1b427dd41a18192b, X-Served-By: region=eu-west-1; cid=d15c7bebba574bdfa4e7f96314d5260c, X-Tr-Requestid: adef68dd-12e8-4032-8a12-d0f3a2

342665] ResponseEntityProxy{[Content-Type: application/json,Content-Length: 77,Chunked: false]}}

0525-174618.679-I-(RdpGwAuthentication) - RDP AUTH: Sending authentication request with password to url: https://api.refinitiv.com:443/auth/oauth2/v1/token

0525-174618.682-I-(RdpGwAuthentication) - RDP AUTH: takeExclusiveSignOnControl is true

0525-174619.339-I-(RdpGwAuthentication) - RDP AUTH: Authentication succeeded.




But when we also try to update the token (using previous token and sending to GW) we again encounter with the same problem. So we are again setting the takeExclusiveSignOnControl=true and getting a new token.

So on every refresh token step we get this error on all machines. This is the our case we want to solve.



Application Logs (machine 1):


0525-180926.291-I-(RdpGwAuthentication) - RDP AUTH: Sending authentication request with refresh token to url: https://api.refinitiv.com:443/auth/oauth2/v1/token

0525-180928.894-E-(RdpGwAuthentication) - RDP AUTH: Authentication failed! - HTTP statusCode=400, reason=Bad Request : HttpResponseProxy{HTTP/1.1 400 Bad Request [Date: Tue, 2

5 May 2021 17:48:56 GMT, Content-Type: application/json, Content-Length: 29, Connection: keep-alive, X-Amzn-Trace-Id:

Root=1-60ad3886-1ed7606b176db93d13423837, X-Served-By: region=eu-west-1; cid=34855dd65625402cbf715b3f499eba7a, X-Tr-Requestid: 95d67dd8-bdcc-4675-9aee-61c7b6

daa510] ResponseEntityProxy{[Content-Type: application/json,Content-Length: 29,Chunked: false]}}

0525-180928.895-E-(ReutersClient) - Cannot get AuthenticationInfo from RDP GW. Token updating process failed!

0525-180929.395-I-(RdpGwAuthentication) - RDP AUTH: Sending authentication request with password to url: https://api.refinitiv.com:443/auth/oauth2/v1/token

0525-180929.397-I-(RdpGwAuthentication) - RDP AUTH: takeExclusiveSignOnControl is true

0525-180930.062-I-(RdpGwAuthentication) - RDP AUTH: Authentication succeeded.

0525-180930.062-I-(ReutersClient) - Started to update tokens. Session expire time (expires_in) 300 sec.

0525-180930.063-I-(RdpGwAuthentication) - RDP AUTH: Sending authentication request with refresh token to url: https://api.refinitiv.com:443/auth/oauth2/v1/token

0525-180930.584-I-(RdpGwAuthentication) - RDP AUTH: Authentication succeeded.



With the above steps we have considered the below technical PDF information for the takeExclusiveSignOnControl flag.

We firstly send false flag to GW. But after we encounter error on login we send true flag value. So this invalidates refresh tokens on all machines!





As a note;


When we just run only 1 machine (so 1 WebSocket session) to connect RDP GW we have no problem for token updates:


Application Logs (machine 1):


0525-183209.447-I-(RdpGwAuthentication) - RDP AUTH: Sending authentication request with refresh token to url: https://api.refinitiv.com:443/auth/oauth2/v1/token

0525-183210.098-I-(RdpGwAuthentication) - RDP AUTH: Authentication succeeded.

050525-183210.098-I-(WebSocketSession) - WSOCK: Sending login request (firstLogin false)

0525-183210.098-I-(ReutersClient) - Finished updating tokens. Session expire time (expires_in) 300 sec



Regards,

rdp-apirefinitiv-data-platformauthenticationtokencredentials
1622111489422.jpeg (48.5 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
Accepted
9.7k 49 38 60

Hi @bilgisayarmuhendisi.tr,

Each Machine ID has a session count of 1, meaning you can’t run multiple applications using the same ID. This will result in errors when attempting to refresh your access token. Later this year, the server team will be implementing a new authorization mechanism to address the current limitations of the IDs. I would suggest you reach out to your Refinitiv account manager to acquire multiple IDs and explain what you are trying to do.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes

Thanks for the reply.

Regards.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Click below to post an Idea Post Idea