Skip to content

fix: apply token expiry buffer before reusing cached access token #330

New issue
New issue
Open
#331
Open
fix: apply token expiry buffer before reusing cached access token#330
#331
@aaguiarz

Description

@aaguiarz
aaguiarz
opened on Feb 16, 2026

Summary

Credentials.getAccessTokenValue() currently reuses a cached token up to the exact expiration instant:

if (this.accessToken && (!this.accessTokenExpiryDate || this.accessTokenExpiryDate > new Date())) {
  return this.accessToken;
}

The SDK defines token-expiry buffer constants but does not use them.

Impact

A token that is close to expiry can be sent on outbound requests and expire in transit.

Expected

If token expiry is within the configured buffer window, refresh proactively instead of reusing the cached token.

Proposed Fix

Use TokenExpiryThresholdBufferInSec (+ jitter) when deciding whether cached token is still valid.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    SDKs and Tooling

    Status

    Intake

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions