FieldManual

Operator field manual: playbooks, runbooks, checklists, and postmortems.

Auth Expiry Incident 2026-02-03

Severity: critical Last verified: 2026-02-25
authgateway 401ssession-expiry clock-synctoken-refresh

Summary

Clock skew between token issuer and verifier caused cascading authentication failures.

Corrective Actions

  • Enforced NTP drift alarms at 250ms.
  • Added canary token validation checks every minute.