Skip to content

Android SDK requests significantly more JWT auth tokens than iOS SDK Body #1071

Description

@nirmaljeff

Issue Description

We are from AutoScout24 and are investigating high JWT auth token request volume on Android compared with iOS.

Over the last 7 days, our backend saw approximately:

  • Android: ~170k JWT token requests
  • iOS: ~40k-42k JWT token requests

Both apps use Iterable JWT auth with userId. Both apps disable automatic push registration and manually sync push registration based on OS notification permission state.

We want to understand why Android calls IterableAuthHandler.onAuthTokenRequested() significantly more often than iOS.

Questions:

  1. Under what conditions does Android call onAuthTokenRequested() when a valid userId and valid JWT have already been restored from SDK storage?
  2. Is Android expected to request JWT auth tokens more often than iOS?
  3. Can foregrounding the Android app trigger JWT refresh even when the restored JWT is still valid?
  4. Can manual push registration / disable calls trigger JWT refresh when autoPushRegistration = false?
  5. Does reading IterableApi.getInstance().getAuthToken() ever trigger auth refresh, or is it only a getter?
  6. What is the recommended app-side handling to avoid duplicate backend JWT generation?

Expected behavior:

If the SDK has restored a valid userId and valid JWT auth token, Android should not request a new JWT unless the token is missing, invalid, expired, close to expiry, or an Iterable API returns a JWT-related 401.

Steps to Reproduce

  1. Configure Android SDK with JWT auth using IterableAuthHandler.
  2. Set autoPushRegistration = false.
  3. Identify user with setUserId(userId).
  4. Let the SDK restore userId and auth token from storage on later app starts.
  5. Observe calls to IterableAuthHandler.onAuthTokenRequested() / backend JWT endpoint.
  6. Compare request volume with iOS SDK using the same JWT auth setup.

Iterable orgId: AutoScout24

Iterable SDK version: com.iterable:iterableapi:3.7.0

Android OS version: Multiple stable Android versions in production; exact affected versions not isolated yet.


Beta Software Notice

This issue is observed in production on stable Android versions, not beta/pre-release OS versions.

Metadata

Metadata

Labels

No labels
No labels

Type

No type
No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions