Sometimes I got a 401 unauthorized error in my app


Hi Tobias Lekman, thank you very much for this great detailed post. I implemented a SP2013 onpremise environment with a providerhosted app with ADFS authentication. I used your customized TokenHelper.cs and SharePointContext.cs. It works fine, but sometimes I got a 401 unauthorized error. I am doing some investigation and have a question about your customized SharePointContext.cs file on row number 1176. You set there the lifetime of the outer token to 10 minutes. But on row number 1148 you set the actor token lifetime to 1000000 minutes. Is this by design?


khalidinio wrote Feb 9 at 8:31 AM

We fixed this issue today by increasing the lifetime of the outer token. The outer token lifetime (10 minutes) needs to be higher than the HighTrustAccessTokenLifetime (12 hours). Another reason why it was not working in our situation, is because we save the SharePointHighTrustSamlContext in the session like they do for SharePointAcsContext and SharePointHighTrustContext. In your situation the tokens will always recreated for each new request and you dont have a dependancy with the lifetime of the tokens.