Barclays "401 - 1012117 - Invalid token. The token has expired." for valid tokens

Description

Getting back 401 for valid tokens. When the token is used later it is working as expected.
401 prompts the client to re-auth which is unnecessary.
In the case that they to re-auth they get a different account to the one previously listed.

Technical Impact

Client A

"openbanking_intent_id": "BARCLAYS-A-10000001696567"

fapiInteractionId : f99675c9-637b-4c03-bf98-2de39da50fee, Nov 25, 2019 @ 10:07:04.508

The account details we get back when calling the/accounts endpoint is as follows:

"identifiers": [

{

"identifierType": "REFERENCE_NUMBER",

"value": "10000000000000367629"

},

{

"identifierType": "BICSWIFT",

},

{

"identifierType": "SORT_CODE",

},

{

"identifierType": "ACCOUNT_NUMBER",

},

{

"identifierType": "IBAN",

}

],

Client B

"openbanking_intent_id": "BARCLAYS-A-10000001478679"

fapiIntercationId : 972db2e3-1e25-45c0-a2d2-f83b3c013e2a, Nov 24, 2019 @ 03:17:32.621

Logs show that the following error returned 401 - "1012117 - Invalid token. The token has expired.​​

Could you please elaborate on the error and why it might occur when using a valid token.

The token is now working as expected and the client is able to refresh and fetch data.

Client C

"openbanking_intent_id": "BARCLAYS-A-10000001587032"

fapiIntercationId : f82b3e43-2a3a-4792-96e2-57bc96289822, Nov 24, 2019 @ 03:14:13.523

Logs show that the following error returned 401 - "1012117 - Invalid token. The token has expired.​​

Could you please elaborate on the error and why it might occur when using a valid token.

The token is now working as expected and the client is able to refresh and fetch data.

Workaround

None

Resolution Notes

None

Impact Assessment

This is potentially a security breach if the wrong accounts are being returned.

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-12404

ASPSP

Query Type

None

Created (Original)

Nov 27, 2019, 9:34 AM

TPP Impact

None

TPP

Issue Summary

Barclays "401 - 1012117 - Invalid token. The token has expired." for valid tokens

OB Environment

None

Business Impact Severity

Level 2

Share

Yes
Configure