Troubleshooting
Problem
Once the IBMid Federation enabled with OMS, the APITester page frequently experienced YCP0427 error "Cannot invoke API because user is not authenticated." even the user session is still valid. Refreshing the APITester page does not help the situation. The user has to exit and relaunch the browser to start a new session.
Symptom
The problem normally happens after 30 min of idle time. The "Cannot invoke API because user is not authenticated" returned as the API response and with the following in logs:
<?xml version="1.0" encoding="UTF-8"?>
<Errors>
<Error ErrorCode="YCP0427" ErrorDescription="Cannot invoke API because user is not authenticated." ErrorRelatedMoreInfo="">
<Attribute Name="ErrorCode" Value="YCP0427" />
<Attribute Name="ErrorDescription" Value="Cannot invoke API because user is not authenticated." />
<Stack>com.yantra.yfc.util.YFCException com.yantra.interop.services.security.util.UserTokenHelper.validateToken(UserTokenHelper.java:158) com.yantra.integration.adapter.DefaultIntegrationFlow.invoke(DefaultIntegrationFlow.java:178) com.yantra.integration.adapter.DefaultIntegrationFlow.invoke(DefaultIntegrationFlow.java:97) com.ibm.sterling.afc.fwk.api.modutil.XapiRepositoryImpl$1.invoke(XapiRepositoryImpl.java:54) com.yantra.interop.client.XApiRequestDispatcher.invoke(XApiRequestDispatcher.java:83) com.yantra.integration.adapter.IntegrationFlowAdapter.invoke(IntegrationFlowAdapter.java:25) com.yantra.interop.services.api.ApiRequestDispatcher.invoke(ApiRequestDispatcher.java:79) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55) java.lang.reflect.Method.invoke(Method.java:508) com.yantra.interop.client.YIFApiInvokeHandler.callMethod(YIFApiInvokeHandler.java:65) com.yantra.interop.client.YIFApiInvokeHandler.invoke(YIFApiInvokeHandler.java:43) com.sun.proxy.$Proxy50.invoke(Unknown Source) sun.reflect.GeneratedMethodAccessor82.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55) java.lang.reflect.Method.invoke(Method.java:508) com.yantra.interop.client.InteropLocalClientAdapter.invoke(InteropLocalClientAdapter.java:42) com.yantra.interop.client.ClientAPICallHandler.invoke(ClientAPICallHandler.java:77) com.sun.proxy.$Proxy50.invoke(Unknown Source) com.yantra.interop.client.InteropHttpServlet.handleApiRequest(InteropHttpServlet.java:583) com.yantra.interop.client.InteropHttpServlet.processRequest(InteropHttpServlet.java:222) com.yantra.interop.client.IBMApiTesterServlet.processRequest(IBMApiTesterServlet.java:117) com.yantra.interop.client.InteropHttpServlet.doPost(InteropHttpServlet.java:174) javax.servlet.http.HttpServlet.service(HttpServlet.java:707) javax.servlet.http.HttpServlet.service(HttpServlet.java:790) com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1225)
<Errors>
<Error ErrorCode="YCP0427" ErrorDescription="Cannot invoke API because user is not authenticated." ErrorRelatedMoreInfo="">
<Attribute Name="ErrorCode" Value="YCP0427" />
<Attribute Name="ErrorDescription" Value="Cannot invoke API because user is not authenticated." />
<Stack>com.yantra.yfc.util.YFCException com.yantra.interop.services.security.util.UserTokenHelper.validateToken(UserTokenHelper.java:158) com.yantra.integration.adapter.DefaultIntegrationFlow.invoke(DefaultIntegrationFlow.java:178) com.yantra.integration.adapter.DefaultIntegrationFlow.invoke(DefaultIntegrationFlow.java:97) com.ibm.sterling.afc.fwk.api.modutil.XapiRepositoryImpl$1.invoke(XapiRepositoryImpl.java:54) com.yantra.interop.client.XApiRequestDispatcher.invoke(XApiRequestDispatcher.java:83) com.yantra.integration.adapter.IntegrationFlowAdapter.invoke(IntegrationFlowAdapter.java:25) com.yantra.interop.services.api.ApiRequestDispatcher.invoke(ApiRequestDispatcher.java:79) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55) java.lang.reflect.Method.invoke(Method.java:508) com.yantra.interop.client.YIFApiInvokeHandler.callMethod(YIFApiInvokeHandler.java:65) com.yantra.interop.client.YIFApiInvokeHandler.invoke(YIFApiInvokeHandler.java:43) com.sun.proxy.$Proxy50.invoke(Unknown Source) sun.reflect.GeneratedMethodAccessor82.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55) java.lang.reflect.Method.invoke(Method.java:508) com.yantra.interop.client.InteropLocalClientAdapter.invoke(InteropLocalClientAdapter.java:42) com.yantra.interop.client.ClientAPICallHandler.invoke(ClientAPICallHandler.java:77) com.sun.proxy.$Proxy50.invoke(Unknown Source) com.yantra.interop.client.InteropHttpServlet.handleApiRequest(InteropHttpServlet.java:583) com.yantra.interop.client.InteropHttpServlet.processRequest(InteropHttpServlet.java:222) com.yantra.interop.client.IBMApiTesterServlet.processRequest(IBMApiTesterServlet.java:117) com.yantra.interop.client.InteropHttpServlet.doPost(InteropHttpServlet.java:174) javax.servlet.http.HttpServlet.service(HttpServlet.java:707) javax.servlet.http.HttpServlet.service(HttpServlet.java:790) com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1225)
Cause
The error is due to the api security token attached with the OMS session after login. Server properties "api.security.token.timeout" is used to control its timeout. By default it is at 30 min. If this value is less than the user session timeout (by default it is 6000 sec), the api security token expires first. The user cannot take more actions until the browser is closed to start a new IBMid session.
Environment
OMoC platform with IBMid federation enabled.
Resolving The Problem
Adjust api.security.token.timeout server properties with a value that is greater than the required user session timeout. (ex. api.security.token.timeout=86400000 for 24 hours). The setting allows user session to be expired first. A refreshing of the APITester page can be used to renew the user session.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS6PEW","label":"Sterling Order Management"},"ARM Category":[{"code":"a8m0z000000cxzbAAA","label":"SaaS Components"}],"ARM Case Number":"TS005479560","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
01 November 2021
UID
ibm16475311