Token Invalid or Expired
Your device fails to connect with "token invalid" or "token expired" errors. The device cannot register or maintain connection with OceanRemote servers. This guide covers registration token expiry , permanent token binding, MAC address validation, and token regeneration.
Last updated: April 22, 2026 | 10 min read
Symptoms
- Serial Monitor shows "[REG] Registration failed: Token already used or expired"
- Device registers but immediately shows "401 Unauthorized" on subsequent requests
- Dashboard shows device as "Pending" but never changes to "Online"
- After regenerating firmware, device still won't connect
- Device worked before but stopped working after re-flashing
- Multiple devices with same token
Common Causes
- Registration Token Expired Token generated more than 24 hours ago, never used
- Registration Token Already Used Token used once, cannot be reused
- Permanent Token Corrupted in EEPROM Storage corrupted due to power loss or checksum mismatch
- MAC Address Mismatch Token bound to different device's MAC address
- Token Revoked from Dashboard User manually revoked token for security reasons
- Firmware Token Hardcoded Incorrectly Wrong token pasted during firmware generation
- EEPROM Not Cleared Between Firmware Updates Old token persists causing conflict
OceanRemote Token Types
| Token Type | Format | Lifetime | Storage |
|---|---|---|---|
| Registration Token | oc_reg_xxxxxxxx... |
24 hours | Firmware code only |
| Permanent Token | 32-64 characters | Until revoked | EEPROM |
| Session Token | 16-32 characters | 60 minutes | RAM only |
Token Error Codes
| HTTP Code | Error Message | Solution |
|---|---|---|
| 401 | Token already used or expired | Generate new firmware with fresh token |
| 401 | Invalid token | Check token spelling, regenerate if needed |
| 403 | Token revoked | Regenerate token from dashboard |
| 410 | Registration token already used | Token cannot be reused. Generate new firmware |
Step-by-Step Fixes
1. Check Registration Token Age
Registration tokens expire after 24 hours. Never used = expired.
- Go to OceanRemote dashboard Your Device page
- Check when firmware was last generated
- If more than 24 hours ago, token is expired
- Click "Generate New Code" to get fresh token
- Flash new firmware within 24 hours
// Serial Monitor output for expired token:
// [REG] Registration token: oc_reg_xxxxx
// [REG] HTTP Response: 401
// [REG] Token already used or expired
//
// Solution: Generate new firmware with fresh token2. Regenerate Permanent Token
If permanent token is corrupted or revoked:
- Log into OceanRemote dashboard
- Go to Device Details page
- Click "Regenerate Token" button
- Confirm the action
- Copy the new firmware code provided
- Flash the new firmware to your device
- Device will register with new token
3. Clear EEPROM to Remove Corrupted Token
Power loss can corrupt EEPROM storage:
// Add this temporary code to clear EEPROM
#include <EEPROM.h>
void setup() {
Serial.begin;
EEPROM.begin;
// Clear all EEPROM
for {
EEPROM.write;
}
EEPROM.commit();
Serial.println;
}
void loop() {}
// After running once, remove this code and flash normal firmware4. Verify MAC Address Binding
Permanent token is bound to device MAC address:
- Open Serial Monitor at 115200 baud
- Look for:
[SYSTEM] Device ID: ESP32_XXXXXXXXXXXX - This ID is derived from MAC address
- If you changed network hardware , MAC changes
- Solution: Regenerate token from dashboard
5. Generate Fresh Firmware from Scratch
Complete reset of token system:
- In OceanRemote dashboard, go to "Your Device" page
- Click "Add New Device" or reconfigure existing
- Select your board
- Enter WiFi credentials and relay names
- Click "Generate Firmware Code"
- Copy the ENTIRE code
- Flash to device within 24 hours
- Device will register as NEW device
6. Check for Token Copy-Paste Errors
Manual token entry can introduce errors:
- Registration token format:
oc_reg_followed by 43 characters - Total length should be exactly 51 characters
- Contains only letters A-Z, a-z, numbers 0-9, hyphens, underscores
- No spaces, no line breaks
- Verify in Arduino IDE: Select token, count characters
- If incorrect, regenerate firmware and copy again
7. Delete and Re-add Device from Dashboard
Complete cleanup of all token records:
- In OceanRemote dashboard, find the problematic device
- Click "DELETE" button on device card
- Confirm deletion
- Go to "Your Device" page
- Configure as new device
- Flash and register as new device
- Old device will no longer appear; new one will connect
Token Storage Locations
| Token Type | Storage Location | Persistence | Clear Method |
|---|---|---|---|
| Registration Token | Firmware code | Until re-flashed | Flash new firmware |
| Permanent Token | EEPROM | Across resets, power cycles | Clear EEPROM or regenerate |
| Registration Used Flag | EEPROM | Permanent until cleared | Clear EEPROM |
Prevention Tips
- Always flash firmware within 24 hours of generation
- Save generated firmware code in a text file for backup
- Use "Regenerate Token" instead of deleting device when token issues occur
- Keep backup of permanent tokens for each device
- Avoid copying tokens manually use copy-paste from dashboard
- After power loss, allow device to re-establish session
Related Issues
- Session Expired Too Fast Session token issues
- Firmware Generation Failed Token creation problems
- Device Offline in Dashboard Connection issues
- Firmware Flash Success But No Connection Registration failures
Frequently Asked Questions
Q: Can I reuse a registration token?
A: No. Registration tokens are one-time use only. Once a device registers successfully, the token is permanently invalidated. If you need to re-flash the same device, generate new firmware with a fresh token.
Q: My device worked yesterday but shows token invalid today. Why?
A: Most likely: 1) Registration token expired , or 2) EEPROM corruption due to power loss. Try power cycling. If issue persists, regenerate token from dashboard and re-flash.
Q: What happens if someone steals my token?
A: Permanent tokens are bound to your device's MAC address. An attacker cannot use your token from a different device. However, you should still regenerate the token from the dashboard and re-flash your device as a security precaution.
Still having token issues? Contact Support or return to the Troubleshooting Hub.