cancel
Showing results for 
Search instead for 
Did you mean: 

Intermittent E00114: Invalid OTS Token - now working today after no changes

Yesterday I discovered that this error has been frequent over the past several months, starting on 3/25/2020: E00114: Invalid OTS Token.

 

I was able to reproduce the issue 100% of the time yesterday, in which I tried no less than 50 times. I tried (on sandbox) to rule out a number of things:

- Its definitely not submitting the request twice.
- Not API keys, even rotated sandbox just to be 101% sure
- Sample code from auth.net GitHub repo to create customer profile from opaque data worked: https://github.com/AuthorizeNet/sample-code-php/blob/master/CustomerProfiles/create-customer-profile...

 

The last one is particular concerning - that means it works in some cases but not others. The front-end code that generates the opaque code was identical, I simply added another endpoint which called the above sample code with the nonce and it worked flawlessly.

 

Anyway, I was completely stumped and decided to sleep on it. Tried it first thing in the morning, and suddenly on both sandbox and production it started working perfectly fine without making any changes.

 

I'm seeing other reports about people using delays to overcome this error, is this still the accepted solution to give it time to replicate?

 

Is it possibly some race condition in how I'm creating ARB? Here is what I'm using to create ARB from Opaque data: https://gist.github.com/slothstronaut/d467d0455d8f0b846437d6f65f7958c0

 

Thanks 

findmate
Member
2 REPLIES 2

The issue started happening - again - with no code changes, so definitely some kind of race condition or something of the sort causing this.

 

https://www.dropbox.com/s/r54lbtyc5b11lf5/Screenshot%202020-06-20%2009.00.35.png?dl=0

 

Going to test adding a delay before sending request

findmate
Member

Adding a delay fixes it. But it takes a 10 second delay even in production to get it to work.

 

This is disappointing that a delay is required to get Accept.js to work reliably.