My Oracle Support Banner

Session Management in Inbound Web Services throws error Session Token is missing or invalid or has expired (Doc ID 1110645.1)

Last updated on JULY 21, 2020

Applies to:

Siebel eFinance - Version SIA [19230] and later
Information in this document applies to any platform.


We are trying to implement a stateless inbound web service integration. Initially we used to pass the user name and password in this url: http://<hostname>/eai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&Username=xxx&Password=xxx
And this used to work fine..

But we wanted to introduce the session management feature and as soon as we introduce &WSSOAP =1 tag in the URL and the other steps outlined in the booksheld, we are getting the following error:

Error Code: 23939 Error Message: Error: Inbound SOAP Message - Session Token is missing or invalid or has expired

Our issue is similar to the issue reported under (Doc ID 523601.1) But we have tried the solutions provided under for that SR, namely: SessionTimeout = SessionTokenTimeout. Authentication Type is set to None on all operations. SessionTokenMaxAge is set to 2880.

Here is the new URL with WSSOAP


And the soap input is sent here as the attachment. Please let us know why I am not able to enable Session Management for this web service.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.