Forum Discussion
F5 looses the token for the first call
Do you have any similar issue? or any idea :
with the token that it has retrieved from the AD Entra ID endpoint. The first call to the backend always loses the token on the way via F5, so it does not reach the backend at all. The frontend then goes to an error page (no authorisation).
If you then start the same call again, i.e. reload the frontend, everything works as expected.
- JmtaylorModerator
Ozzy Have you been able to find a solution for this yet?
I was able to use some AI to assist with some options for you. Let us know if any of this is useful for you.this can be a tricky issue, but there are a few things you might want to check or try:
1. **Token Expiry and Synchronization**: Ensure that the token you retrieve from AD Entra ID is valid and not expired. Sometimes, there could be a time synchronization issue between your systems that causes the token to be invalid on the first call.
2. **Session Persistence**: Check the session persistence (or sticky sessions) configuration on your F5 load balancer. If the session is not sticky, the token might be lost or not properly forwarded to the backend on the first call.
3. **F5 Configuration**: Review your F5 configuration to ensure that the headers, including the authorization token, are being preserved and passed correctly. Sometimes, custom configurations or policies can strip out headers.
4. **Network Latency or Caching**: There could be network latency or caching issues that affect the first call. Investigate if any caching mechanisms are in place that might interfere with the token being sent on the first call.
5. **Logging and Monitoring**: Enable detailed logging on your F5 and backend to capture what happens to the token on the first call. This might give you insights into where the token is being lost.
6. **Retry Mechanism**: Implement a retry mechanism in your frontend to handle the first call failure gracefully, though this is more of a workaround than a solution.
If none of these suggestions resolve the issue, you might need to involve your F5 support or network team to dig deeper into the load balancer's behavior and configuration.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com