Yesterday I discovered that this error has been frequent over the past several months, starting on 3/25/2020: E00114: Invalid OTS Token.
I was able to reproduce the issue 100% of the time yesterday, in which I tried no less than 50 times. I tried (on sandbox) to rule out a number of things:
- Its definitely not submitting the request twice.
- Not API keys, even rotated sandbox just to be 101% sure
- Sample code from auth.net GitHub repo to create customer profile from opaque data worked: https://github.com/AuthorizeNet/sample-code-php/blob/master/CustomerProfiles/create-customer-profile...
The last one is particular concerning - that means it works in some cases but not others. The front-end code that generates the opaque code was identical, I simply added another endpoint which called the above sample code with the nonce and it worked flawlessly.
Anyway, I was completely stumped and decided to sleep on it. Tried it first thing in the morning, and suddenly on both sandbox and production it started working perfectly fine without making any changes.
I'm seeing other reports about people using delays to overcome this error, is this still the accepted solution to give it time to replicate?
Is it possibly some race condition in how I'm creating ARB? Here is what I'm using to create ARB from Opaque data: https://gist.github.com/slothstronaut/d467d0455d8f0b846437d6f65f7958c0
The issue started happening - again - with no code changes, so definitely some kind of race condition or something of the sort causing this.
Going to test adding a delay before sending request