User17149773956193392270 (Customer) asked a question.
Receiving intermittent "Invalid session" response from Okta
Hello, we have set up pods in Kubernetes with the Okta SDK. Occasionally (and this happens rather rarely) one of the pods will get into a bad state in which Okta reports the following error back:
"errorCode":"E0000005","errorSummary":"Invalid session","errorLink":"E0000005"
Restarting the pod fixes the issue but I'd like to prevent this from happening if possible. Do you have any idea why this could be happening?
That error typically means "Invalid Authorization header in the request or an invalid API token." as mentioned in the following article. I'm unsure how the API token is managed in your specific integration as I've not set up Kubernetes with Okta. When you get this error you could try the API token manually via POSTMAN to see if it errors everywhere or if this is only an issue with your Kubernetes integration.
https://support.okta.com/help/s/article/Reactivate-User-API-call-returning-error-E0000005?language=en_US You may want to check logs and see if you can figure out the "Occasionally" to see if perhaps it only happens when the API token has not been used for a longer period of time.
While less likely to do with your error, you might take a look at the last comment in the following documentation and see if your "...token_lifetime..." values need adjusted.
https://developer.okta.com/blog/2021/11/08/k8s-api-server-oidc
You may need to reach out to Okta Support for help reviewing/debugging your integration. Best of luck!