Users randomly receiving "User revoked consent" 401 errors #139
Comments
|
Found this happening with some more Tesla customers. Appears like it might be isolated to Europe. Adding MFA, changing passwords, resetting apps/services doesn't help. "User revoked consent" is happening for them every 8 hours as the token refreshes. |
|
I think the problem happens if a user who is signing in is registered in another region than the partner account. My partner account is in the EU but NA users are getting exactly this error. After changing the region from one account from NA to EU everything works fine for this account. |
@sapkra It sounds like you found a solution to this, but I don't follow. What do you mean you changed the region? |
|
You can move a user to EU servers (the region of the account) in the account settings on the Tesla Website. As a developer you should know how because it's disabled for some reason to "normal" users. |
@sapkra Weird, I can't find this setting anywhere on either user or developer accounts. Can you post a URL and screenshot of this setting? |
|
https://accounts.tesla.com/account-settings/personal-information/edit-basic-information PS: in my case I needed the developer console to change the region ;) |
|
Here the full explanation how to change the region:
|
|
I am getting the same when refreshing a token. Data calls work fine until the token expires. HTTP 401 It's only for eu users. We are registered in the US. We have tried every combination of things to change when registering an eu user but still get stuck on the refresh not working. Unfortunately we cannot ask every user to go in and change their region in developer mode. Did anyone figure this issue out? |
|
I'm receiving hundreds of emails about this and really am not sure what to tell people. I have tried pretty much everything imaginable. |
|
+1 I’m one of those people emailing @stx as a user. This needs to be fixed, as it’s clearly not implementing the OAuth2 standard correctly from a user perspective. My region is set to UK. Any further details that help I’m happy to help supply. |
|
Can confirm we are seeing many cases of this. This should be treated as critical @sethterashima |
|
Hello! 👋 We are using fleet api and now start experience the same problem. Would appreciate any feedback from Tesla, but support haven't responding to our emails. |
|
Hey! I have this problem with one of my two 3rd party apps, the Smart charging at home connected to my electricity company "Tibber" works perfectly but the Tessie app (for driving record) logs out after exactly 8 hours. Very surprising as I need it for accounting of the car's private versus service miles. Do we know if anyone is working on a solution? |
|
Same here. Tessie logout every 8h. very annoying :( |
|
It happen to me as well. My wifes car was for any reason in region "US". After moving it to "EU" / German account as described by |
My account is locked to my country sweden and i can't choose any other? i did however put in my home adress, se if that will change the fault... |
|
Did you define the scope "offline_access" at registration and did the token refresh work? I don't know much about the Go technique refreshing tokens, but my python implementation kind of works. |
|
@stx I'm not sure if this helps, or is just random. As has been usual over the past few days Tessie kicked me out yesterday and asked for an access token. However this time I happened to be in a private browser on Safari on iOS. I had to log back in with username, password, authenticator code. Since I've done this I've not been kicked out again (I was expecting that to have happened this morning and yesterday afternoon). |
|
It appears that Tesla has rolled out an auth system update with a new refresh token format, and this problem seems to be fixed now judging from the experience of several users. Can anyone else confirm this issue has been resolved for them as well before I close this? |
|
@stx No, I'm still seeing frequent cases of login_required. I'd hold off on closing this. |
|
We see that Tesla updated refresh_token structure yesterday. Which means all fleet_api token refreshes failed (401 login required - our entire fleet on those), but then after customers log in again, then everything works and the original 401 Error Revoked problem disappears. So a heavy-handed fix it seems, but did the trick. Now just have to get all our drivers to re-connect :(. |
|
Hi, mine seems to have been working since yesterday, had an update to the Tesla app from the App-store in my phone, but so far it's been working and I'm hopeful now. But eagerly waiting for it to crash again… |
|
Just out of curiosity, where are you seeing that Tesla updated the token refresh system? Are they publishing a log somewhere? |
|
Hi, I don't have to log in to Tesla since yesterday as well. I switched my connectivity in Tessie account yesterday and I had to log in again with my ID and 2FA. No problem anymore. |
|
No logout anymore on my side since +30h ago. That never happened. |
|
I still see problems with registration of runs, last run was registered int but the app is stuck in idle... despite several restarts |
|
How difficult would it be for tesla to create a driving journal themselves to keep track of their private vs business miles, with the option to save as an excel file? then we wouldn't have this problem... |
|
Hey all we've now upgraded the system, this bug should be resolved. Thank you for the feedback to chase this down! |
|
Thanks for confirming. I believe those still having issues are running into the new change that refresh tokens can no longer be used twice: #160. |
Some users are (randomly?) receiving "User revoked consent" 401 errors whenever their access token is refreshed. This is happening multiple times a day, and it forces them to reauthorize their account over and over again - but the reauthorizations are automatic and do not prompt them for consent, so consent has not actually been revoked.
They claim they are not altering their Tesla account in any way and have no other apps or services running.
Here is an example Tesla OAuth response:
The text was updated successfully, but these errors were encountered: