OAuth Failed: Unable to load conversation undefined

GPT builders
, , ,
1

We have created a Custom GPT / Custom Action, and it worked for a while.

But now when you try the OAuth flow it responds with:

Unable to load conversation undefined

Making the Custom GPT completely unusable.

When I test from the builder, it fails and redirects to:

https://chatgpt.com/gpts/editor/undefined

It seems like this has been reported before, but not fixed.

Please could someone help

2 Likes
2

Did you meanwhile update your Custom GPT? Sometimes you have to click update again. And possibly also where the action is. Maybe that helps?

AND, you can also see the previous version. Sometimes it can also help to put this all into a copied GPT to experiment. Hope that helps. :slight_smile:

3

Thanks, but I pressed Update loads.

I briefly fixed it by removing the Auth and adding it back in.

But then a few days later it didn’t work again.

4

Thanks for letting me know.
Does this also happen with other custom gpts if you create a new one?

5

Is that with using a persistent OAuth token that continues working for you in independent code? Is action functionality restored using the same token … or one that has been re-issued?

When using OpenAI GPT actions or similar automated tasks, API keys or OAuth2 tokens you get could stop working on you. Commonly, this happens because:

  • The key/token has expired.
  • The issuing service automatically invalidated the token after a preset duration.

Some keys have expiration built-in. Some are tied to login challenges or services that aren’t expecting bot-like usage. Being able to quickly verify if and when a token expires allows you to proactively avoid interruptions or troubleshoot API request failures effectively. Or to simply see if a GPT can work without continued intervention.

So: some Python that will try to get expiry info from your pasted-in key at the end might be useful.

import base64
import json
from datetime import datetime, timezone
from typing import Optional

def decode_base64_padded(data: str) -> bytes:
    """Decode base64 string with correct padding."""
    padding_needed = (-len(data)) % 4
    data += "=" * padding_needed
    return base64.urlsafe_b64decode(data)

def parse_jwt_exp(token: str) -> Optional[datetime]:
    """Extract expiration from JWT token if possible."""
    try:
        header_b64, payload_b64, signature_b64 = token.split('.')
        payload_bytes = decode_base64_padded(payload_b64)
        payload = json.loads(payload_bytes)
        exp = payload.get("exp")
        if isinstance(exp, int):
            return datetime.fromtimestamp(exp, timezone.utc)
    except (ValueError, json.JSONDecodeError, base64.binascii.Error):
        pass
    return None

def parse_json_exp(token: str) -> Optional[datetime]:
    """Extract expiration from JSON-encoded token if possible."""
    try:
        token_json = json.loads(token)
        exp = token_json.get("exp")
        if isinstance(exp, int):
            return datetime.fromtimestamp(exp, timezone.utc)
    except json.JSONDecodeError:
        pass
    return None

def extract_expiration_time(oauth_token: str) -> Optional[datetime]:
    """
    Extract expiration time from an OAuth2 token string.

    Attempts JWT and JSON parsing strategies.
    Returns timezone-aware datetime or None if expiration cannot be found.
    """
    if not isinstance(oauth_token, str):
        raise TypeError("OAuth token must be provided as a string.")

    expiration = parse_jwt_exp(oauth_token)
    if expiration:
        return expiration

    expiration = parse_json_exp(oauth_token)
    if expiration:
        return expiration

    # No expiration could be extracted from token
    return None

if __name__ == '__main__':
    oauth_token_string = "paste API authentication here"

    expiration = extract_expiration_time(oauth_token_string)
    if expiration:
        print(f"Token expires at (UTC): {expiration.isoformat()}")
    else:
        print("Expiration time could not be determined from provided token.")

Producing on an actual key: Token expires at (UTC): 2025-04-05T23:22:38+00:00

(AI rewritten, out of code base that already did this)

How This Provided Code Helps You Diagnose Your Issue:

The provided Python function attempts to robustly decode any provided OAuth2 token:

  1. JWT Tokens:
    It first tries decoding the token as a JWT. If successful, it extracts the "exp" timestamp.

  2. Other JSON-Based Tokens:
    If JWT decoding fails, it attempts parsing as JSON to locate an expiry timestamp.

  3. Opaque or Unrecognized Tokens:
    If neither method succeeds, it clearly informs you that expiry information isn’t inspectable, helping you understand that you’ll need documentation or direct API support for your scenario.

Checking the key type itself can help you figure out if the provider can be used in a GPT.

Background

Brief Overview of OAuth2 Tokens, JWT Tokens, and Expiry:

OAuth2 tokens are generally provided by APIs to authorize requests. They commonly come in two types:

  • JWT Tokens (JSON Web Tokens):
    A JWT is a standardized token format composed of three sections:

    • Header: Metadata (algorithm used, token type).
    • Payload: Contains claims (user details, expiry timestamp, issued timestamp).
    • Signature: Used to verify authenticity.
      JWT tokens can typically be decoded (without secret verification) to inspect expiry time ("exp" claim).

  • Other/Opaque Tokens:
    Some APIs provide opaque (non-JWT) tokens or simply long random strings. These tokens usually don’t contain user-readable expiry details and rely entirely on API endpoints or documentation to confirm expiry durations.

Expiry (exp) claim:
Expiry claims ("exp") are not exclusive to JWT tokens. Some APIs may provide tokens encoded directly as JSON or another inspectable format, containing clear expiry timestamps. However, opaque tokens typically lack inspectable expiry info.