I also don't see how that's better than just handling the error and trying again. I guess it does save a request, but still seems far from ideal. Especially considering you now have to create another user, and add additional logic to manage the rotating.
... View more
I'm running into a problem with authenticating via the rest API. I run a cron every 5 minutes and every so often I get a not authenticated error. I'm using this ruby client: GitHub - raszi/mrkt: This gem provides some level of abstraction to Marketo REST APIs. The problem is that the API includes expires_in in the response with how many seconds left the token has before it expires. Without an exact expiration time, doing something like "Time.now + expires_in" (mrkt/authentication.rb at master · raszi/mrkt · GitHub) is just an approximation. Even with an explicit timestamp for expires_in though, there is still a possibility of this happening depending on server time accuracy (because my server may not be in sync with the API). This is one why we need a refresh endpoint, or at least a way to force a new token!! Since I can't force a new token to be returned (AFAIK), I can only handle the error and retry a moment later. The fact that I'm running the every 5 minutes creates a perfect scenario for this to happen. A new token is created during one run, and ~1hour later intermittently on the 12th run the problem occurs. Monkey-patching the comparison (in the ruby gem) from "<" to "<=" has made the problem much less frequent, but of course hasn't entirely solved the problem.
... View more