000033384 - Server was unable to process request resulting in an Invalid session token error in RSA Archer GRC

Document created by RSA Customer Support Employee on Jun 29, 2016Last modified by RSA Customer Support on Mar 28, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000033384
Applies ToRSA Product Set: Archer
RSA Version/Condition: Any
IssueInvalid Session Token or Bad Token error
A data feed, an external application that accesses Archer through the API, or an integration that access Archer through the RSA Connector Framework (RCF) or the Unified Connector Framework (UCF) fails with one of the following errors:
  • Server was unable to process request. ---> Bad Token
  • Server was unable to process request. ---> Invalid session token
CauseConnections to Archer via:
  • The Web Services API, 
  • A Web Services Transport data feed (which also uses the API), or
  • An integration that imports data through the RSA Connector Framework (RCF) or its successor, the Unified Connector Framework (UCF) use an impersonated Archer user session.

An Invalid Session Token or Bad Token error indicates that the user session token was terminated while the operation was still in process.  Most likely, this has occurred because:

  • Two processes (such as two data feeds) are configured to use the same user ID. 
  • An external process using the API is started once and then started again before the initial run has completed.
  • If this is an actual user ID, the user has logged on to Archer while the automated process is running. 
The result is that a new session token is generated for the account, and the first session token is terminated.
ResolutionAny automated process making an internal or external connection to Archer where user impersonation is done should have a unique user ID used only for that purpose.