HTTP/1.1 400 error when requesting new token
Posted: Wed Feb 25, 2026 8:43 pm
We have been communicating with Vertex O Series on demand for months with no problems requesting a refreshed token. On or around February 10, 2026 we began getting a "HTTP/1.1 400" error when requesting new token. It does not occur every time.
I had Vertex support looking into it for over 1 week and they determined based on log reviews, that we were sometimes sending an expired bearer token at the same time we are trying to use our Clid and CLscrt to request a refreshed token. We have made NO code changes since November 2025 and are stumped as to how to correct the issue. I am including a snippett of the Good request and response and also the Bad request and response.
What can we do to correct this?
I removed the Certficate and modified the client_id and client_secret in both below.
Good:
Bad:
I had Vertex support looking into it for over 1 week and they determined based on log reviews, that we were sometimes sending an expired bearer token at the same time we are trying to use our Clid and CLscrt to request a refreshed token. We have made NO code changes since November 2025 and are stumped as to how to correct the issue. I am including a snippett of the Good request and response and also the Bad request and response.
What can we do to correct this?
I removed the Certficate and modified the client_id and client_secret in both below.
Good:
Code: Select all
HTTPAPI Ver 1.49 released 2024-04-16
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R5M0
New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
Unlink debug file failed with errno=3027
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: ROYSTONLLC.COM
DNS server found: 10.5.5.1
DNS server found: 10.4.5.1
https_init(): entered
QSSLPCL = *OPSYS
SSL version 2 support disabled
SSL version 3 support disabled
Old interface to TLS version 1.0 support enabled
TLS version 1.0 support enabled
TLS version 1.1 support enabled
TLS version 1.2 support enabled
TLS version 1.3 support enabled
initializing GSK environment
GSK Environment now available
-------------------------------------------------------------------------------------
Dump of local-side certificate information:
-------------------------------------------------------------------------------------
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: roystonllc.na1.ondemand.vertexinc.com
-------------------------------------------------------------------------------------
Dump of server-side certificate information:
-------------------------------------------------------------------------------------
Cert Validation Code = 6000
-----BEGIN CERTIFICATE-----
--Removed for this sample
-----END CERTIFICATE-----
Serial Number: 06:37:47:6D:7E:5E:BB:7D:49:0F:CC:71:C2:07:75:23
Common Name: *.na1.ondemand.vertexinc.com
Issuer CN: Amazon RSA 2048 M01
Issuer Country: US
Issuer Org: Amazon
Version: 3
not before: 20251230190000
Unknown Field: 19:00:00 30-12-2025
not after: 20270129185959
Unknown Field: 18:59:59 29-01-2027
pub key alg: 1.2.840.113549.1.1.1
signature algorithm: 1.2.840.113549.1.1.11
Unknown Field: 0382010F003082010A0282010100B99E9AC31E1CAB2F526039E2D75CED768BA4409C25B4B13D3FC9ED9E45F7B044B7F4BC825EA589CE817DBF0F3737132EA00C62803B37AF4783A0023682F0124EBF23E356DE1D5B34F151873415BAB3028D9F81311EBF0494C2559DA29E9E6BD8C2242A1E19F639B3F627DE6D61208B645506767D3D8AACE18AD31512792EF7BC6EB962E8C46A85215A760134C5A808A594400AA8B9B08D71A6D6D4D39942027DDE0A9396814224B56DD898B4BE977C4FF63C3EBA797DC3DF34B7C144C9AFF5DA6A9AF706763007C2601E0EC43D9D722DF994EC1C63E6EF2AF26F8F944AD423DE7CEBB4D786EC130A0D1CFF0F328CAE4862B92E0989A9B4294DDBC4431353F6330203010001
Unknown Field: 2048
Unknown Field: 84ABDDF83546B2F2F13E63F33F514110
Unknown Field: 1.2.840.113549.2.5
Unknown Field: 8BD0C2032DBEF3A7FE18F3AF3CB4966929FA4B0B
Unknown Field: 4B03990D06D926D35A89EBE1CFA58CE5191418BA7E908395F170645882F8C612
Unknown Field: 5
Unknown Field: *.na1.ondemand.vertexinc.com
Unknown Field: 0
Unknown Field: 1.3.6.1.5.5.7.3.1
Unknown Field: 2.23.140.1.2.1
Unknown Field: http://crl.r2m01.amazontrust.com/r2m01.crl
Unknown Field: http://crt.r2m01.amazontrust.com/r2m01.cer
Unknown Field: http://ocsp.r2m01.amazontrust.com
Protocol Used: TLS Version 1.3
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
There are 0 cookies in the cache
POST /oseries-auth/oauth/token HTTP/1.1
Host: roystonllc.na1.ondemand.vertexinc.com
User-Agent: http-api/1.48
Content-Type: application/x-www-form-urlencoded
Content-Length: 145
senddoc(): entered
client_id=XXXXe7ccdd4.vertexinc.com&client_secret=XXXXd6397d824e1e4a5fd61d0b0863ac89363a665ff9d042506d692b84323328&grant_type=client_credentials
recvresp(): entered
HTTP/1.1 200
Date: Wed, 25 Feb 2026 13:09:07 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=KZmjhWz1LXlKA5B4aw+4yAefQD4DuAVMO2CZRVUhmCfjUfiOnL11V5FkAyWeRoiuCNpkDkEY0Vk6HaeFbnKjigmDCjHRZL8WTZMg3gsd9GU0xHUkfYeeKdT/JZKv; Expires=Wed, 04 Mar 2026 13:09:07 GMT; Path=/
Set-Cookie: AWSALBCORS=KZmjhWz1LXlKA5B4aw+4yAefQD4DuAVMO2CZRVUhmCfjUfiOnL11V5FkAyWeRoiuCNpkDkEY0Vk6HaeFbnKjigmDCjHRZL8WTZMg3gsd9GU0xHUkfYeeKdT/JZKv; Expires=Wed, 04 Mar 2026 13:09:07 GMT; Path=/; SameSite=None; Secure
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
SetError() #13: HTTP/1.1 200
recvresp(): end with 200
recvdoc parms: chunked 0
header_load_cookies() entered
cookie_parse() entered
cookie = AWSALB=KZmjhWz1LXlKA5B4aw+4yAefQD4DuAVMO2CZRVUhmCfjUfiOnL11V5FkAyWeRoiuCNpkDkEY0Vk6HaeFbnKjigmDCjHRZL8WTZMg3gsd9GU0xHUkfYeeKdT/JZKv; Expires=Wed, 04 Mar 2026 13:09:07 GMT; Path=/
cookie attr AWSALB=KZmjhWz1LXlKA5B4aw+4yAefQD4DuAVMO2CZRVUhmCfjUfiOnL11V5FkAyWeRoiuCNpkDkEY0Vk6HaeFbnKjigmDCjHRZL8WTZMg3gsd9GU0xHUkfYeeKdT/JZKv
cookie attr Expires=Wed, 04 Mar 2026 13:09:07 GMT
cookie attr Path=/
cookie_parse() entered
cookie = AWSALBCORS=KZmjhWz1LXlKA5B4aw+4yAefQD4DuAVMO2CZRVUhmCfjUfiOnL11V5FkAyWeRoiuCNpkDkEY0Vk6HaeFbnKjigmDCjHRZL8WTZMg3gsd9GU0xHUkfYeeKdT/JZKv; Expires=Wed, 04 Mar 2026 13:09:07 GMT; Path=/; SameSite=None; Secure
cookie attr AWSALBCORS=KZmjhWz1LXlKA5B4aw+4yAefQD4DuAVMO2CZRVUhmCfjUfiOnL11V5FkAyWeRoiuCNpkDkEY0Vk6HaeFbnKjigmDCjHRZL8WTZMg3gsd9GU0xHUkfYeeKdT/JZKv
cookie attr Expires=Wed, 04 Mar 2026 13:09:07 GMT
cookie attr Path=/
cookie attr SameSite=None
cookie attr Secure=
recvchunk(): entered
get_chunk_size(): entered
335
chunk size = 821
get_chunk_size returned 821
calling comm_blockread
{"access_token":"eyJ4NXQjUzI1NiI6IjFrY0MxVExCQVpzUDhCNG4xU0NtU0RENjh6ZzgyWmU4V0NaUEFZSE13NlEiLCJraWQiOiJiOGE3ZWVmOC1jMTlhLTQ5NjgtOGZjOC02ZmQyZDRlMDIzNWYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1MzFiN2U3Y2NkZDQudmVydGV4aW5jLmNvbSIsImF1ZCI6IiIsIm5iZiI6MTc3MjAyNDk0NywiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDk1L29zZXJpZXMtYXV0aCIsImV4cCI6MTc3MjAyNjc0NywiaWF0IjoxNzcyMDI0OTQ3LCJ1c2VySWQiOjY2LCJqdGkiOiJmOTUzMjU5MS03OTZjLTRhNzUtYWMxNi0zODI1Y2QyNzlmYjIifQ.U4deqIHxlrq7UK3SsufXjAyloGQemjL54SEDkLoG1OiE9bmmgTpkylGlOlYYOCjZMTd0_KH0eEegbHRWhHWOJIV7GGiEJcS9wCTX2Xqn9Rf3OOx144n_qFuBDzuBsCI6hwEqQ9tgEATU3W-Jp2T6hYxmfBF7Zwh2Ysjpd2lHUvqeSAsKw72fs_EF-jKmPAX_z6BMHzbJ2OTunhgMiOw_TcFdiiv6hU87ajTo0CmJ2hRCC3ITGXXGmFlKkeluTHEp4uAQBkRGjMwawfLElyAo95JuMa1wMQPn_MpU-WONdwwAlI6QBxFFi5j3Gcq3kW1iepXejU6aomUdMKdDLhcLfg","token_type":"Bearer","expires_in":1799}
comm_blockread returned 821
get_chunk_size(): entered
0
chunk size = 0
get_chunk_size returned 0
http_close(): entered
Code: Select all
HTTPAPI Ver 1.49 released 2024-04-16
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R5M0
Unlink debug file failed with errno=3027
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: ROYSTONLLC.COM
DNS server found: 10.5.5.1
DNS server found: 10.4.5.1
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: roystonllc.na1.ondemand.vertexinc.com
-------------------------------------------------------------------------------------
Dump of server-side certificate information:
-------------------------------------------------------------------------------------
Cert Validation Code = 6000
-----BEGIN CERTIFICATE-----
--Removed for this sample
-----END CERTIFICATE-----
Serial Number: 06:37:47:6D:7E:5E:BB:7D:49:0F:CC:71:C2:07:75:23
Common Name: *.na1.ondemand.vertexinc.com
Issuer CN: Amazon RSA 2048 M01
Issuer Country: US
Issuer Org: Amazon
Version: 3
not before: 20251230190000
Unknown Field: 19:00:00 30-12-2025
not after: 20270129185959
Unknown Field: 18:59:59 29-01-2027
pub key alg: 1.2.840.113549.1.1.1
signature algorithm: 1.2.840.113549.1.1.11
Unknown Field: 0382010F003082010A0282010100B99E9AC31E1CAB2F526039E2D75CED768BA4409C25B4B13D3FC9ED9E45F7B044B7F4BC825EA589CE817DBF0F3737132EA00C62803B37AF4783A0023682F0124EBF23E356DE1D5B34F151873415BAB3028D9F81311EBF0494C2559DA29E9E6BD8C2242A1E19F639B3F627DE6D61208B645506767D3D8AACE18AD31512792EF7BC6EB962E8C46A85215A760134C5A808A594400AA8B9B08D71A6D6D4D39942027DDE0A9396814224B56DD898B4BE977C4FF63C3EBA797DC3DF34B7C144C9AFF5DA6A9AF706763007C2601E0EC43D9D722DF994EC1C63E6EF2AF26F8F944AD423DE7CEBB4D786EC130A0D1CFF0F328CAE4862B92E0989A9B4294DDBC4431353F6330203010001
Unknown Field: 2048
Unknown Field: 84ABDDF83546B2F2F13E63F33F514110
Unknown Field: 1.2.840.113549.2.5
Unknown Field: 8BD0C2032DBEF3A7FE18F3AF3CB4966929FA4B0B
Unknown Field: 4B03990D06D926D35A89EBE1CFA58CE5191418BA7E908395F170645882F8C612
Unknown Field: 5
Unknown Field: *.na1.ondemand.vertexinc.com
Unknown Field: 0
Unknown Field: 1.3.6.1.5.5.7.3.1
Unknown Field: 2.23.140.1.2.1
Unknown Field: http://crl.r2m01.amazontrust.com/r2m01.crl
Unknown Field: http://crt.r2m01.amazontrust.com/r2m01.cer
Unknown Field: http://ocsp.r2m01.amazontrust.com
Protocol Used: TLS Version 1.3
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
There are 2 cookies in the cache
POST /oseries-auth/oauth/token HTTP/1.1
Host: roystonllc.na1.ondemand.vertexinc.com
User-Agent: http-api/1.48
Content-Type: application/x-www-form-urlencoded
Content-Length: 145
Authorization: Bearer eyJ4NXQjUzI1NiI6IjFrY0MxVExCQVpzUDhCNG4xU0NtU0RENjh6ZzgyWmU4V0NaUEFZSE13NlEiLCJraWQiOiJiOGE3ZWVmOC1jMTlhLTQ5NjgtOGZjOC02ZmQyZDRlMDIzNWYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1MzFiN2U3Y2NkZDQudmVydGV4aW5jLmNvbSIsImF1ZCI6IiIsIm5iZiI6MTc3MjAyNDk0NywiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDk1L29zZXJpZXMtYXV0aCIsImV4cCI6MTc3MjAyNjc0NywiaWF0IjoxNzcyMDI0OTQ3LCJ1c2VySWQiOjY2LCJqdGkiOiJmOTUzMjU5MS03OTZjLTRhNzUtYWMxNi0zODI1Y2QyNzlmYjIifQ.U4deqIHxlrq7UK3SsufXjAyloGQemjL54SEDkLoG1OiE9bmmgTpkylGlOlYYOCjZMTd0_KH0eEegbHRWhHWOJIV7GGiEJcS9wCTX2Xqn9Rf3OOx144n_qFuBDzuBsCI6hwEqQ9tgEATU3W-Jp2T6hYxmfBF7Zwh2Ysjpd2lHUvqeSAsKw72fs_EF-jKmPAX_z6BMHzbJ2OTunhgMiOw_TcFdiiv6hU87ajTo0CmJ2hRCC3ITGXXGmFlKkeluTHEp4uAQBkRGjMwawfLElyAo95JuMa1wMQPn_MpU-WONdwwAlI6QBxFFi5j3Gcq3kW1iepXejU6aomUdMKdDLhcLfg
Cookie: $Version=0; AWSALB=TypZDKXL9hPTVSLlDnty+7OgtjR4FI6yP1dHxMbIBiiZBquJP/RTJ0nVUuxYOBXYAdV4TP7F9xMqVPiMvknRd5c8982U/QCbWQN/Br1yLeL2JM60EE8eD/+GuOyI; $Path=/; $Version=0; AWSALBCORS=TypZDKXL9hPTVSLlDnty+7OgtjR4FI6yP1dHxMbIBiiZBquJP/RTJ0nVUuxYOBXYAdV4TP7F9xMqVPiMvknRd5c8982U/QCbWQN/Br1yLeL2JM60EE8eD/+GuOyI; $Path=/;
senddoc(): entered
client_id=XXXXe7ccdd4.vertexinc.com&client_secret=XXXXd6397d824e1e4a5fd61d0b0863ac89363a665ff9d042506d692b84323328&grant_type=client_credentials
recvresp(): entered
HTTP/1.1 400
Date: Wed, 25 Feb 2026 13:09:20 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=on2zbrXuWJQqHY3M/kvIDyZySXwH0rtt9pKLLKfugaaZ9eMoC8DC9FlRcAQJonCd5DiyNl/sUomG4Js5N+dWhsxsemukqDArW1JCaIJmDxr7GBMN0WYcQ4FHWBYs; Expires=Wed, 04 Mar 2026 13:09:20 GMT; Path=/
Set-Cookie: AWSALBCORS=on2zbrXuWJQqHY3M/kvIDyZySXwH0rtt9pKLLKfugaaZ9eMoC8DC9FlRcAQJonCd5DiyNl/sUomG4Js5N+dWhsxsemukqDArW1JCaIJmDxr7GBMN0WYcQ4FHWBYs; Expires=Wed, 04 Mar 2026 13:09:20 GMT; Path=/; SameSite=None; Secure
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
SetError() #13: HTTP/1.1 400
recvresp(): end with 400
recvdoc parms: chunked 0
header_load_cookies() entered
cookie_parse() entered
cookie = AWSALB=on2zbrXuWJQqHY3M/kvIDyZySXwH0rtt9pKLLKfugaaZ9eMoC8DC9FlRcAQJonCd5DiyNl/sUomG4Js5N+dWhsxsemukqDArW1JCaIJmDxr7GBMN0WYcQ4FHWBYs; Expires=Wed, 04 Mar 2026 13:09:20 GMT; Path=/
cookie attr AWSALB=on2zbrXuWJQqHY3M/kvIDyZySXwH0rtt9pKLLKfugaaZ9eMoC8DC9FlRcAQJonCd5DiyNl/sUomG4Js5N+dWhsxsemukqDArW1JCaIJmDxr7GBMN0WYcQ4FHWBYs
cookie attr Expires=Wed, 04 Mar 2026 13:09:20 GMT
cookie attr Path=/
cookie_parse() entered
cookie = AWSALBCORS=on2zbrXuWJQqHY3M/kvIDyZySXwH0rtt9pKLLKfugaaZ9eMoC8DC9FlRcAQJonCd5DiyNl/sUomG4Js5N+dWhsxsemukqDArW1JCaIJmDxr7GBMN0WYcQ4FHWBYs; Expires=Wed, 04 Mar 2026 13:09:20 GMT; Path=/; SameSite=None; Secure
cookie attr AWSALBCORS=on2zbrXuWJQqHY3M/kvIDyZySXwH0rtt9pKLLKfugaaZ9eMoC8DC9FlRcAQJonCd5DiyNl/sUomG4Js5N+dWhsxsemukqDArW1JCaIJmDxr7GBMN0WYcQ4FHWBYs
cookie attr Expires=Wed, 04 Mar 2026 13:09:20 GMT
cookie attr Path=/
cookie attr SameSite=None
cookie attr Secure=
recvchunk(): entered
get_chunk_size(): entered
1a
chunk size = 26
get_chunk_size returned 26
calling comm_blockread
{"error":"invalid_client"}
comm_blockread returned 26
get_chunk_size(): entered
0
chunk size = 0
get_chunk_size returned 0
SetError() #13: HTTP/1.1 400
http_close(): entered