We are trying to use the ImpCentral API from our servers, which are load-balanced. We share and store an access token in redis across servers. However it seems the access token is getting associated with a server somehow (IP address?) as it will work on one of our servers and not the other one (401).
Any idea what is going on here and the best way forward.
@ahoughton should have the answer for that
access tokens are – as you’ve found, and we should document – tied to an IP address. This is unlikely to change. There’s no limit on the number of access tokens you can create with your refresh token, though – I’d recommend having each server keep a local access token, and use a shared refresh token to manage re-auth.
There may be other options, but none that immediately come to mind.
and refresh token last forever (or on a max 5 cycle)?
They do. Note that if you don’t want to be suprised when they suddenly stop working – which they will as you log in / log out from various computers – you likely want to use a LoginKey instead. Same idea, long-lived, never expires, slightly more dangerous. See http://apidoc.electricimp.com/#tag/Auth.