What happens when a username/password is invalid? Its possible that every request will attempted to acquire a token (passing the invalid credentials over and over again) which could lock the users account. Setup a process to not attempt to re-acquire tokens if credentials are invalid. Possibly wait for credential changes before trying to acquire the token again (like an update to the username/password).
What happens when a username/password is invalid? Its possible that every request will attempted to acquire a token (passing the invalid credentials over and over again) which could lock the users account. Setup a process to not attempt to re-acquire tokens if credentials are invalid. Possibly wait for credential changes before trying to acquire the token again (like an update to the username/password).