From 1c9e2b69360d62a649f4d0dd7c4f340dedf0655a Mon Sep 17 00:00:00 2001
From: John Richmond <5629+jr@users.noreply.github.com>
Date: Mon, 21 Jul 2025 23:05:52 -0700
Subject: [PATCH] Bugfix: Cloud: be more specific about session error codes

InvalidClientTokenError indicates an unrecoverable state for
the session, so we need to be more exact about triggering it. A recent
Clerk outage resulted in a lot of 429 responses which should really cause
inactive-session, not a full clear to logged-out.
---
 packages/cloud/src/auth/WebAuthService.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/cloud/src/auth/WebAuthService.ts b/packages/cloud/src/auth/WebAuthService.ts
index d14cbe67d84..82d31224266 100644
--- a/packages/cloud/src/auth/WebAuthService.ts
+++ b/packages/cloud/src/auth/WebAuthService.ts
@@ -494,7 +494,7 @@ export class WebAuthService extends EventEmitter<AuthServiceEvents> implements A
 			signal: AbortSignal.timeout(10000),
 		})
 
-		if (response.status >= 400 && response.status < 500) {
+		if (response.status === 401 || response.status === 404) {
 			throw new InvalidClientTokenError()
 		} else if (!response.ok) {
 			throw new Error(`HTTP ${response.status}: ${response.statusText}`)