Skip to main content

Troubleshooting: User has exceeded the maximum number of tokens

ExtendSync Outlook | Learn how to revoke older unneeded tokens

Updated over a week ago

ExtendSync for Outlook (NetSuite Edition) and ExtendInsights for Excel (NetSuite Edition) use NetSuite’s secure login flow, which supports Two-Factor Authentication (2FA), Single Sign-On (SSO), and Token-Based Authentication (TBA).

When a user logs in, NetSuite automatically generates a Token ID and Token Secret tied to the user’s role and account.
For example, a Sales Manager role will have a unique token associated with that role and user ID.

When users log out of NetSuite within the app (Menu → Log Out), ExtendSync automatically revokes that token.

Known Limitation

NetSuite enforces a maximum of 25 active tokens per user.

CloudExtend generates a new token each time you log in but can only revoke the current session token when you log out properly.

If you regularly close your browser or clear cache without logging out, these tokens can accumulate over time and eventually reach the 25-token limit, preventing new logins.

Common Scenarios Causing Token Build-Up

🔵 User is using Outlook on the web

Behavior:
When using Outlook on the web, ExtendSync relies on the browser’s session storage.
This data is cleared automatically when the Outlook browser tab is closed, an action that’s beyond ExtendSync’s control.

If this happens before you log out via ExtendSync (Menu → Log Out):

  • The session reference to your NetSuite tokens is lost.

  • ExtendSync cannot automatically revoke the token.

  • Over time, these unrevoked tokens accumulate.

Best Practice:
Before closing the Outlook web browser tab, log out of NetSuite via ExtendSync (Menu → Log Out).

💡 Note:
If you exit your browser while the Outlook tab remains open and later restore your tabs, your session data will remain intact.

🔵 User has enabled 'Clear Cache On Exit' for their browser

Behavior:
If your browser is configured to clear cache upon exit, ExtendSync cannot trigger its logout sequence because the cached session data used to revoke tokens is deleted prematurely.

This is most common in:

  • Edge (default browser cache for modern Windows builds)

  • Internet Explorer (used in older Windows builds)

Best Practice:
Disable “Clear Cache on Exit” in your browser settings, or ensure you log out via ExtendSync before closing Outlook.

🔵 User manually clears their browser cache

Behavior:
If you manually clear your browser cache without logging out of ExtendSync, your next login will generate a new token.
Since the previous session’s token reference is deleted, it cannot be revoked. This leads to token accumulation.

Best Practice:
Always log out of ExtendSync before clearing browser cache.

Resolving the issue

🔵 Manually Revoking Tokens in NetSuite

If you’ve reached the 25-token limit, you must manually revoke old or unused tokens in NetSuite.

Steps:

  1. In NetSuite, go to Setup → Users/Roles → Access Tokens.

  2. Locate the user’s token list.

  3. Select and revoke older or unnecessary tokens.

Once revoked, you can log back into ExtendSync normally.

Related Articles
End-Users: How to Install and Login to ExtendSync Outlook from Microsoft AppSource
Troubleshooting: Trouble updating or loading your ExtendSync Outlook
Troubleshooting: How to log out of ExtendSync for Outlook NetSuite
Settings: Optimize performance by checking for a connection to the ExtendSync Outlook bundle
Troubleshooting: Making sure that browser cache is not being cleared on exit
Did this answer your question?