We are seeing an issue I can not explain and I have no idea how or where to debug it. When our mobile app calls our api, sometimes one of the requests will randomly fail authentication. This triggers our login, which will get a proper 200 and redirect back. This results in an XHR redirection loop.
As you can see in the GIF below, we start out with 200's. Then when preferences-hash is called, all of a sudden we get a 401 with invalid JWT token even though the exact same bearer is used (as you can see when switching to successful requests).
The more requests are fired, the more are suddenly getting 401's back. And then eventually, after a couple of cycles everything will get 200 and all is fine.