Aspose PDF "Authentication failed" exception

Aspose.PDF Product Family
1

We are randomly seeing Aspose PDF authentication failed exceptions in the .net application. This error is very random and occurs once in few days.
The code is assigning the metered license and does retries using polly while assigning the license. Re attempt is done 3 times before logging an exception. Please help address this issue.

Aspose version: Aspose.PDF.25.1.0
Exception time between: 11/05/2025 from 01:14 Am to 10:30 Am CST

A message has been logged that matches your subscription:
type_id in (Error) and message LIKE ā€˜%Aspose Metered license failed after 3 tries%ā€™ and category_id in (WebPayroll.AIMS-Webpayroll, WebPayroll.WebPayroll)

Message details:
All attempts to set Aspose Metered license failed after 3 tries. Last error: System.InvalidOperationException: Authentication failed.
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zliKheL99zUivrUCwHeY9m1umudU9(Object #=zQXONUWg=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zrdSs835T8YblfNXaWEPT$x6JSVIC(Object #=zQXONUWg=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zwmidnSvOvhQVYxI46deAYDhjXywDvD6xPg==(dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd #=zQXONUWg=, #=qnGB2JgBW5SXMOqGqNyRNKIMSjey75FF215IEBr9obxE= #=z1aZLMbw=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zB8SgfmKJA0NE_1RayzvcAGLg400l()
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zpe2W$NZ8I8w$2e2Y4EIhq48ymhgY(Boolean #=zQXONUWg=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zliKheL99zUivrUCwHeY9m1umudU9(Object #=zQXONUWg=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zrdSs835T8YblfNXaWEPT$x6JSVIC(Object #=zQXONUWg=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zgmuo56rjnsmi5uvf7UvX7OzdIp9U()
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zd_NlKlouTze6DgFCmZdUXhrJ$DBwB$TXK7eP8wI=(Object #=zQXONUWg=, UInt32 #=z1aZLMbw=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zpe2W$NZ8I8w$2e2Y4EIhq48ymhgY(Boolean #=zQXONUWg=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zOZhVoghYkQ6OnpqF8vVTJ4Pk27ZyBa6ZvmcvwJmjHbto()
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zP0mT6SF5LpHRWfFpHOlAulCuBfjRBPJc78T8gunULi4E(Object[] #=zQXONUWg=, Type[] #=z1aZLMbw=, Type[] #=zl74Mpy0=, Object[] #=zxLHi_io=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zg1ktkHOIP4AlFFQlbEvKh0i$pve1zE9nLR_f7j4=(Stream #=zQXONUWg=, String #=z1aZLMbw=, Object[] #=zl74Mpy0=, Type[] #=zxLHi_io=, Type[] #=zMRVWfzE=, Object[] #=zRcxvzig=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=zWzpqGk3avf91ztiY$iI2MUo=(Stream #=zQXONUWg=, String #=z1aZLMbw=, Object[] #=zl74Mpy0=)
at dje_qH9Y6BSVR94WX5P5U9AV23726ZE2LSXX26KX9LJAN8UZK6ZFFLC6A_ejd.#=z9Xzy6YQiANMrg6lcTu_mfwRtGVqG(Stream #=zQXONUWg=, String #=z1aZLMbw=, Object[] #=zl74Mpy0=)
at Aspose.Pdf.Metered.SetMeteredKey(String publicKey, String privateKey)
at ASF.WebPayroll.Common.CyberArkConfigReader.<>c__DisplayClass5_0.b__2() in E:\BuildAgents\WDVTFSBLDP04-1_work\1068\s\ASF.Webpayroll.WebApps\ASF.Webpayroll.WebApps\Common\CyberArkConfigReader.cs:line 110
at Polly.Policy.<>c__DisplayClass108_0.b__0(Context _, CancellationToken _)
at Polly.Policy.<>c__DisplayClass138_0.b__0(Context ctx, CancellationToken token)
at Polly.Retry.RetryEngine.Implementation[TResult](Func3 action, Context context, CancellationToken cancellationToken, ExceptionPredicates shouldRetryExceptionPredicates, ResultPredicates1 shouldRetryResultPredicates, Action4 onRetry, Int32 permittedRetryCount, IEnumerable1 sleepDurationsEnumerable, Func4 sleepDurationProvider) at Polly.Retry.RetryPolicy.Implementation[TResult](Func3 action, Context context, CancellationToken cancellationToken)
at Polly.Policy.Implementation(Action2 action, Context context, CancellationToken cancellationToken) at Polly.Policy.Execute(Action2 action, Context context, CancellationToken cancellationToken)
at ASF.WebPayroll.Common.CyberArkConfigReader.Configuration() in E:\BuildAgents\WDVTFSBLDP04-1_work\1068\s\ASF.Webpayroll.WebApps\ASF.Webpayroll.WebApps\Common\CyberArkConfigReader.cs:line 80

2

@karthikchinnibabu

Summary
Your application sometimes throws System.InvalidOperationException: Authentication failed when calling Aspose.Pdf.Metered.SetMeteredKey. The exception originates from the meteredā€‘license validation that contacts Asposeā€™s licensing service.

Why it happens

  1. Transient network problems ā€“ The validation request must reach Asposeā€™s cloud endpoint. DNS hiccups, proxy/firewall blocks, TLS handshake failures, or brief loss of connectivity can cause the request to fail.
  2. Rateā€‘limiting ā€“ Reā€‘issuing the meteredā€‘key many times in a short period (for example, on every request) may trigger Asposeā€™s throttling, resulting in the same exception.
  3. Concurrent initialization ā€“ Invoking SetMeteredKey from multiple threads simultaneously can race the internal HTTP client and produce intermittent authentication errors.
  4. TLS version mismatch ā€“ Older SDK builds may default to TLS 1.0/1.1. If the runtime does not automatically use TLS 1.2+, the handshake with Asposeā€™s service can fail sporadically.
  5. Incorrect or revoked keys ā€“ A typo, corrupted string, or a key that has been revoked will always fail. Because the key works most of the time, the issue is usually one of the transient factors above.

What to do next

  1. Initialize the metered license only once (application startā€‘up).
public static class AsposeLicense
{
private static readonly object _lock = new();
private static bool _initialized;

public static void Apply(string publicKey, string privateKey)
{
if (_initialized) return;

lock (_lock)
{
if (_initialized) return;

Force TLS 1.2 (required by Aspose cloud services)
System.Net.ServicePointManager.SecurityProtocol =
System.Net.SecurityProtocolType.Tls12;

Simple retry with exponential backā€‘off (Polly)
var policy = Polly.Policy
.Handle<InvalidOperationException>(ex => ex.Message.Contains("Authentication failed"))
.WaitAndRetry(
retryCount: 5,
sleepDurationProvider: attempt => TimeSpan.FromSeconds(Math.Pow(2, attempt)),
(ex, ts, retry, ctx) =>
{
Log the retry attempt
Console.WriteLine($"License retry {retry}: {ex.Message}");
});

policy.Execute(() => Aspose.Pdf.Metered.SetMeteredKey(publicKey, privateKey));

_initialized = true;
}
}
}

Call AsposeLicense.Apply(publicKey, privateKey); once during application startā€‘up (e.g., in Program.Main or Startup.Configure).

  1. Verify network reliability
  • Confirm the server can reach the Aspose licensing endpoint (e.g., `) from the production environment.
  • If a proxy or firewall is present, ensure it permits outbound HTTPS traffic to that endpoint.
  • Capture any socket or DNS errors in your logs to help pinpoint connectivity issues.
  1. Avoid repeated license calls
  • Do not call SetMeteredKey on every request; keep the single initialization from step 1.
  • This reduces the chance of hitting rate limits and eliminates unnecessary network traffic.
  1. Upgrade the Aspose.Pdf SDK if feasible
  • Newer SDK versions often include improvements to the licensing handshake and better handling of transient network errors.
  • Test the upgrade in a nonā€‘production environment before rolling it out.
  1. Validate the license keys
  • Doubleā€‘check that the public and private keys exactly match the values shown in your Aspose Cloud console.
  • If you suspect a key issue, generate a fresh pair in the console and update the code accordingly.
  1. Add robust logging and monitoring
  • Log each successful or failed license initialization with timestamp, exception details, and retry count.
  • Correlate failures with any known network incidents (VPN drops, DNS changes, etc.) to identify patterns.
  1. Consider a perpetual (fileā€‘based) license for production
  • If you have a perpetual license, loading it with new Aspose.Pdf.License().SetLicense("Aspose.Pdf.lic"); removes the need for runtime authentication entirely, eliminating this class of errors.

These actions are intended to reduce the occurrence of the ā€œAuthentication failedā€ exception. If the issue continues after applying them, capture a full HTTP trace (e.g., with Fiddler or Wireshark) of a failing request and provide the trace for further internal analysis.

:warning: I could not fully verify this explanation against the retrieved sources. Please double-check the behaviour in your environment and confirm the exact SDK/version.

1 Like