3 posts / 0 new
Last post
markjasonanderson
Gateway Autorisation Token Timout

We establish a session with the CoAP gateway but after serveral hours we receive a 4.01 (unauthorised) response from the gateway. I presume this is the session timing out, but the question then is, what is the recommended way to maintain a session indefinetly?

Ours steps (Steps 7&8 were added to handle the 4.01 scenario):

  1. Obtain a token from https://api.data-platform.developer.ssni.com/api/tokens
  2. Post the token to coap://api.coap-staging.developer.ssni.com/sessions, this returns a 2.01.
  3. Establish an obsevation on a resource
  4. Receive notifications from the resource for several hours,
  5. Notifcaitions stop. 
  6. A CoAP GET for a reosurce on the device returns 4.01 unauthorised.
  7. Obtain a new token from  https://api.data-platform.developer.ssni.com/api/tokens
  8. Post the token to coap://api.coap-staging.developer.ssni.com/sessions, this returns a 2.01.
  9. Requests now work again.

Whilst we can recover by refreshing the session token, there is a period where we don't receive observe repsonses because we are unauthorised. We tried periodically POSTing to the echo resource but that never returns a 4.01.

The one answer is to proactively referesh the session token, but how often should this be done? and are there any problems with doing this, e.g. losing obsevation registrations?

 

 

 

 

 

 

 

Type: 
Public
tthayer
re: Gateway Autorisation Token Timout

This topic is discussed in the "Session timeout" section at CoAP APIs.  The idle timeout is 4 hours. Do you feel your sessions are timing out with less than 4 hours idle time?  There are suggestions for keeping the session open in the section referenced. Have you tried them? If so, do they work to keep the session alive?

Does your client receive a non-confirmable CoAP response SERVICE_UNAVAILABLE_503 (message code 163) message?

tthayer
re: Gateway Autorisation Token Timout

Re: "The one answer is to proactively referesh the session token, but how often should this be done? and are there any problems with doing this, e.g. losing obsevation registrations?"

Yes, opening a new session will lose observation registrations.