Auth Token Drift | FieldManual

Auth Token Drift

Severity: critical Last verified: 2026-03-01

authapi 401ssession-expiry clock-synctoken-rollover

Signal

Sudden increase in invalid token errors
Clients reporting forced logout loops

Immediate Actions

Verify issuer and verifier clock offsets.
Extend grace window for skewed tokens by 2 minutes.
Rotate signing keys only after drift is corrected.

Validation

401 spikes return to baseline
Session refresh success above 99%