OAUTH token refresh race conditions

Questions
1

When multiple executions use the same OAuth2 credential concurrently, is there a possibility of token refresh race conditions?
I’m seeing occasional 401s under parallel load and wondering if simultaneous refresh attempts could invalidate previously issued access tokens.

Describe the problem/error/question

What is the error message (if any)?

Please share your workflow

(Select the nodes on your canvas and use the keyboard shortcuts CMD+C/CTRL+C and CMD+V/CTRL+V to copy and paste the workflow.)

Share the output returned by the last node

Information on your n8n setup

  • n8n version:
  • Database (default: SQLite):
  • n8n EXECUTIONS_PROCESS setting (default: own, main):
  • Running n8n via (Docker, npm, n8n cloud, desktop app):
  • Operating system:
2

Yes, this can happen depending on the OAuth provider.

Many providers issue a new refresh token during a refresh cycle and invalidate the previous one immediately.

If two executions attempt to refresh simultaneously:
Execution A refreshes → receives new token pair
Execution B refreshes using old refresh token → fails with 401
This is not strictly an n8n bug but a concurrency side effect.

Mitigation strategies:

  • Reduce parallelism when sharing credentials
  • Use separate OAuth credentials for high-concurrency workflows
  • Introduce a credential proxy pattern (single refresh authority flow)
    This is more visible in queue mode under load.
2 Likes
3

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.