Salesforce AppExchangeimplicithighCluster of 11 signals
Card #563 · Salesforce AppExchange

Token expiration and rotation issues in background jobs and embedded apps

Merchants and developers are experiencing disruptive full-page reloads in embedded apps and 401 Unauthorized errors in background jobs due to expired or stale access tokens. The issue often stems from in-memory session caching and race conditions during token rotation, causing scheduled tasks to fail.

Salesforce AppExchangeUpdated Jun 7, 20260.18
Pain score
0.18/ 1.00 · weighted product of four components
Reach0.70
distinct authors (log-normalized)
Recency1.00
freshness decay, half-life months
Engagement0.38
upvotes + comments, normalized
Monetization0.50
willingness-to-pay cues in evidence
§ Evidence — 4 verified quotes
the app automatically reloads the whole page and redirects via exit-iframe to /auth to get a new token
Forum·@truongsondev··source ↗
offline access token is refreshed but some of the bg jobs are still using expired offline token and finally it ends up having unauthorized request to admin gql api
Forum·@crpatel··source ↗
Any scheduled job after that (e.g., the next day) fail, which speaks to it potentially being an issue with how the vendor is handling rotating tokens.
Reddit·@sodulob··source ↗
The refresh inside unauthenticated.admin(shop) only updates the session row in your SessionStorage, but any worker that grabbed a session before the refresh is still holding the old object in memory
Forum·@lumine··source ↗

Comments are a Pro feature — join the conversation, share what you've shipped, hear what others are building.

Upgrade to Pro