I’m looking into this bug causing iOS app users getting banned every now & then, and I was wondering if anyone could shed some light on a hypothesis that it could be the multiple instantaneous requests for a refresh token that could be causing the bug. In my scenario, the ban happens immediately after several requests are made to the API to request state history for some sensors, all at almost the same time. I’ve dug into the frontend code, and it appears that, if the auth token has expired when fetchWithAuth() is called, it attempts to refresh the token.
Does anyone with knowledge of the API auth process know if this requesting of multiple refresh tokens could be causing the problem? Is there a limit to the number of refresh tokens the system can handle/store/etc that might be causing one/more of the tokens returned to be replaced before they’ve been used?