Important Update: Community URLs redirect issues are partially resolved. Learn More. .

Showing results for 
Search instead for 
Did you mean: 

Exception being thrown by CreateRecord

Contributor III

I have code that calls Record.CreateRecord in the Archer Web API. For 203 records, this code works just fine. For 22 records, I get the Exception listed below. I have confirmed that none of the values I'm trying to import are too long for the fields, that the value list values are correct, and all other inputs are correct according to how each field has been configured. 


It appears this is an Exception that is not being handled in the RSA Archer code. 


Any help in troubleshooting this would be greatly appreciated. 


Bad Token\nSQL statement: usp_get_next_sequential_id_for_module @userToken = '48FE1675573C78D03CDF9C47975916D8', @moduleId = 526, @incrementBy = 1, @date = '1/29/2019 4:06:39 PM'

   at ArcherTech.Kernel.Providers.Data.ArcherSqlDatabase.WrapDatabaseCall(DbCommand command, Action methodToWrap)

   at ArcherTech.Kernel.Providers.Data.ArcherSqlDatabase.ExecuteScalar(DbCommand command)

   at ArcherTech.Kernel.DataSource.Db.ContentDataSource.GetContentNextSequenceId(Int32 moduleId, Nullable`1 subformFieldId, Int32 increment)

   at ArcherTech.Kernel.Brokers.PopulateSequenceIdTask.Execute(ContentContext contentContext)

   at ArcherTech.Kernel.Brokers.TaskExecutionHelper.ExecuteTasks(T contentContext, IList`1 tasks)

   at ArcherTech.Kernel.Brokers.TransactionalTask`1.ExecuteTransaction(T contentContext)

   at ArcherTech.Kernel.Brokers.TransactionalTask`1.Execute(T contentContext)

   at ArcherTech.Kernel.Brokers.TaskExecutionHelper.ExecuteTasks(T contentContext, IList`1 tasks)

   at ArcherTech.Kernel.Brokers.ContentBroker.ExecuteContentSavePlan(ContentContext contentContext, IDictionary`2 indexMap, ContentSavePerformanceData performanceData, BatchContentSaveResult returnResults)

   at ArcherTech.Kernel.Brokers.ContentBroker.Save(IList`1 contentContainers, Nullable`1 subformFieldId, ContentSaveOptions saveOptions)

   at ArcherTech.Kernel.Brokers.ContentBroker.Save(InternalContentSaveContainer content, Nullable`1 subformFieldId, ContentSaveOptions saveOptions)

   at ArcherTech.Kernel.Managers.ContentManager.Save(SessionContext sessionContext, ContentContainer content, Nullable`1 subformFieldId)

   at ArcherTech.Kernel.Managers.ContentManager.Save(SessionContext sessionContext, Content content, Nullable`1 subformFieldId)

   at sessionContext, Content content, Nullable`1 subformFieldId)

   at sessionToken, XmlNode recordNode, Nullable`1 subformFieldId)

   at sessionToken, Int32 moduleId, String fieldValues)


Archer Employee
Archer Employee

Keith is there anything being send back to the API call itself?

 Advisory Consultant

Archer Employee
Archer Employee

Though I do see references to a subform in the stack dump.  Do any of those records have anything to do with populating/updating a sub form record?

 Advisory Consultant

The problem turned out to be that my session token is being invalidated and that isn't being handled in the lower levels of the Web API. Instead of sending back "Invalid Session Token", the code is throwing an exception when the stored procedure fails and instead of returning "Invalid Session Token", it's returning "Bad token". I'm not looking for the text "bad token" in the exception message and attempt to re-open the session token before retrying the CreateRecord method.


Which is a really fragile way of doing this. Is there any way to create an account who's session token doesn't get wiped out when it's used to login a second time? That's the real problem here. I many requests hitting the Web API all the time. Each request requires a session token, but opening the session token invalidates any existing session tokens.

I believe this is a current Archer design, when you login with the same user, it removes old token and creates new one. There was some enhancement idea about it, AFAIK.

Not applicable

Hi Keith, this is a classic problem with session tokens. I have two solutions to this issue and there may be more:

1. Use different user accounts per application so their use does not interfere with each other (same solution for data feed accounts)

2. Store the session key in a database (hopefully securely) and reuse it for the applications (less desirable, but depends on your scenario). If that token expires, have a method that checks for that, obtains a new session token, and update it in the database.


Hope that helps!

Keith, Ilya Khen‌ is correct.  This is how Archer handles session tokens for the user; one session token per-user login.


Is there a reason why you're making multiple logins for the same user?

 Advisory Consultant

Yes. Our users found the Archer search functionality difficult to use. We also needed a search that would search other systems within our organization. So we wrote a custom search that searches Archer and this external system and returns results to the user. Some of those records the user does not have access to, but they still need to be able to search and view a few fields. So the search uses an elevated account to perform the search. 


I get that this is how Archer is currently architected. I've been writing code against the API since 2012. However, this is the first time I've seen a different error message when the session token is invalidated. It makes me wonder what the other possible messages are that I'm not catching that would indicate the session token expired. 




I have the same problem and I'm 100% sure that is not related to account as I'm using a unique account for the datafeed, we are trying to update a module with 0.7 million records, we suspect that we have a limitation by module this is why the process got stuck somewhere but we don't have more details 

If the data feed is making a database request/call and it exceeds the timeout, a bad token can occur.  Consider increasing the session timeout for the Services Security Parameter as detailed in 000029541 - Data Import fails with large files in RSA Archer‌.