Authorization failure when token is too long #1089
Comments
|
SSO bug. pls refile here: https://github.com/ccpgames/sso-issues |
|
Reopening since it seems to be an error specifically with using an SSO token on ESI. Summarizing a discussion from Slack to add relevant info:
Simple and effective workaround: Don't request tokens with all scopes. |
|
GESI requests all scopes and I haven't heard of anyone having this issue. Using the V2 SSO stuff tho. |
@RamonRobben is also using V2, otherwise the scope list wouldn't affect the token length anyways. Is GESI requesting publicData and |
|
Then the issue seems easy to fix. Just remove p.s by removing it from the scope list I mean whoever is developing this API should remove them from even being an option to select for your application. |
|
I just looked. Yea, those are the only 2 its not requesting since they're not used on any route. So that would prob be why this error doesn't happen. But yea, prob can be removed from the dev app UI at this point. |
|
|
|
The outpost scope should def be gone though, that's an oversight. It doesn't solve the underlying problem with token length though. |
|
I have the same problem. Everything works fine with fewer scopes, but not with all scopes. |
|
@GENiALi same recommendation for you until this gets fixed, don't request the |
|
I've hidden the read_outposts and write_structures scopes because they're no longer used. At some point in the future, probably about 9 months from now, I'll for-reals delete them. I'll put a blog out about it in a few weeks once I've spoken to the sso guys and know exactly what the plan is, but in the mean time if you guys wanna get out ahead of this, stop adding those scopes to your login URLs now and the transition should be seamless for you. This doesn't solve the underlying problem of a token length limit, just a bit of cleanup. |
CarbonAlabel
changed the title
|
Confirm that still actual |
|
Updated list of useless scopes:
|
|
Internal issues: EO-13248, EO-13249 |
|
ccpgames/sso-issues#63 might be related. |
|
The issue is still happening as of today. This post just saved me after hours of work trying to figure out what was wrong |
|
All of my token went invalid today with the error message : |
|
Confirm that still actual |
|
I'm running into this issue as well. |
|
Wasted a good chunk of time figuring out what was going on until I stumbled upon this |
|
For all running into this issue, see the workaround. You should only request the scopes you need and not everything and the kitchen sink. You can always expand upon later as you add features. |
|
the bug still exist |
|
This happens again. Could CCP please stop putting more thing into the token without fixing this issue? I'm leaning towards an edge where there is no spare scope for me to remove. |
|
Don't request all scopes in one token. |
|
Yeah, you should only request the scopes you are likely to use. |
I generally use all of them, in batches.
I figured out it works in most cases, but not in the cases when character length is excessively long. I do agree it should be splited to multiple tokens, but the current architecture limits me from doing so. |
|
I have several "dev keys" which are bascally the same, but with different scopes. |
Bug
Make your application request an access token using all scopes currently available and then use that token on any endpoint.
Make sure you are logged in to https://login.eveonline.com beforehand.
Request
First authorize yourself using SSOv2 and ALL scopes available.
Then make an request to any endpoint using the token you got.
Response
{ "error": "authentication failure" }Workaround
Just don't request all scopes. It is highly unlikely that you would need them all.
Expected
The output of the endpoint you are sending your request to.
Checklist
Check all boxes that apply to this issue:
The text was updated successfully, but these errors were encountered: