The security context token is expired or is not valid (During a SOAP Login)

<s:Header>

    <a:Action s:mustUnderstand="1">[http://www.w3.org/2005/08/addressing/soap/fault</a:Action>](http://www.w3.org/2005/08/addressing/soap/fault%3C/a:Action%3E)

</s:Header>

<s:Body>

    <s:Fault>

        <s:Code>

            <s:Value>s:Sender</s:Value>

            <s:Subcode>

                <s:Value xmlns:a="[http://schemas.xmlsoap.org/ws/2005/02/sc](http://schemas.xmlsoap.org/ws/2005/02/sc)">a:BadContextToken</s:Value>

            </s:Subcode>

        </s:Code>

        <s:Reason>

            <s:Text xml:lang="en-US">The security context token is expired or is not valid. The message was not processed.</s:Text>

        </s:Reason>

    </s:Fault>

</s:Body>

</s:Envelope>

I used Postman on Ubuntu 16.04 LTS to send the request.

any clue?

00520000004Ue4fAAC · December 24, 2019, 12:17am

I’m on mobile so forgive the low effort response here, but my first guess would be time synchronization. The WCF binding may be sensitive to significant differences in time between client and server even though you’re not explicitly doing a SSL/TLS connection over HTTPS. It’s probably not that easy but worth double checking!

0050O0000071p8WQAQ · December 24, 2019, 9:20am

I don’t think this is the case because the machine is being used as client and the server at the same time. I even tried to send the same request on the machine itself but I’m getting the same error.

0050O0000071p8WQAQ · January 15, 2020, 3:31pm

As far as I understood, Coming from Ubuntu will require you to login with a valid basic user which in turn requires SSL/TLS and the Active Directory (AD) authentication method will not work.

00520000004Ue4fAAC · January 15, 2020, 4:01pm

That is true for the current supported WCF channels but the deprecated ServerAPI channel still works and I’ve used it to get tokens and configuration from .NET Core using a Windows credential.

ServerAPI/ServerCommandService.asmx

Like I said though, it’s deprecated so if you have problems with it or it is finally removed all together from the product, you’d be on your own.

I believe we are planning to address this in a future version of the SDK. Meanwhile, another avenue is to build your own Web API service to run on the management server, and use it to provide the features you need (tokens, configuration access). Fortunately the Event Server and Recording Server APIs are more x-plat friendly. So once you have a token and know what objects you want to work with, you can use the existing interfaces without much additional effort.

0050O0000071p8WQAQ · January 16, 2020, 11:55am

Noted! Any Sample/Document on integrating a Web API Service and register it on the Management Client?

0050O0000071p8WQAQ · January 16, 2020, 12:16pm

I have tried a login with a valid basic user with SSL/TLS using SOAP, Can you check the issue here?

Thanks in advance.