CrowdStrike OAuth2 API token not refreshing

Describe the problem/error/question

When using the built-in CrowdStrike OAuth2 API credentials, a failed HTTP Request to the API (HTTP response code 401) does not get automatically result in an OAuth2 token refresh.

If I open the credential within n8n and wait for the “Connection tested successfully” message, it works again. I have confirmed that in the CrowdStrike API request audit, no token refresh is taking place until I manually open the credential within n8n and test it.

What is the error message (if any)?

The API return with the 401 HTTP error code and the message “access denied, invalid bearer token”.

Please share your workflow

image1310×421 19.5 KB

Share the output returned by the last node

{
  "body": {
    "meta": {
      "query_time": 2.39e-7,
      "powered_by": "crowdstrike-api-gateway",
      "trace_id": "7efe427d-6a01-4561-8ff6-5653228becd6"
    },
    "errors": [
      {
        "code": 401,
        "message": "access denied, invalid bearer token"
      }
    ]
  },
  "headers": {
    "server": "nginx",
    "date": "Wed, 13 Dec 2023 11:10:30 GMT",
    "content-type": "application/json",
    "content-length": "231",
    "connection": "close",
    "x-content-type-options": "nosniff",
    "x-cs-traceid": "7efe427d-6a01-4561-8ff6-5653228becd6",
    "x-ratelimit-limit": "15",
    "x-ratelimit-remaining": "13",
    "strict-transport-security": "max-age=31536000; includeSubDomains"
  },
  "statusCode": 401,
  "statusMessage": "Unauthorized"
}

Information on your n8n setup

• n8n version: 1.18.2
• Database (default: SQLite): SQLite
• n8n EXECUTIONS_PROCESS setting (default: own, main):
• Running n8n via (Docker, npm, n8n cloud, desktop app): Docker
• Operating system: Ubuntu

Hey @tyrells,

Welcome to the community

I have just created NODE-996 as the internal bug ticket to look into this, Thanks for letting us know.

Also affected by this issue
Just updated to 1.25.1 today and confirmed still occuring

Hey @Dan_Westness & @tyrells,

Would either of you be able to run a test version of n8n to see if it resolves the issue or if you are able to would you be able to create me a limited access test account to your Crowdstrike instance? Feel free to drop me a DM if either option is good for you.

While I will not be able to delegate access to our crowdstrike, I can spin up a test instance in docker and test it out if there is a release i should target.

Hey @Dan_Westness,

You can use n8nio/n8n:branch-node-996-crowdstrike-credential-refresh-failing as the docker image if you have a bit of time.

We’re encountering the same problem. I was wondering if there may be a way to workaround it for now while the root cause is being fixed.

Is there a programatic way to do whatever the “test credential” button is doing in the credential editor? If so, we could make our workflows do that step right before CrowdStrike API access.

Thanks!

Hey @jzrts,

The fix will be available in todays release, The credential test just calls {URL}/user-management/queries/users/v1 if that helps.

New version [email protected] got released which includes the GitHub PR 9108.

I updated to 1.38.2 today and the issue still exists for me.

It is also a problem that the node itself doesn’t error when it fails, but rather outputs the error in a seperate object that i need to filter and create my own error handling based upon

When I connect the account it always says it couldn’t connect (but it does work still in node for my query)… at least until token expires and never refreshes either

image907×631 30.4 KB

I am moving over my authentication to generic OAUTH2 API instead
Seems to be working ok here in this config, but time will tell if it encounters the same issue with the refresh token. Doubtful since it’s using client credentials instead of authorization code i would think

image897×750 29.7 KB

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.