Yes, if the auth service is broken, then this code won’t work either. You could probably put some sort of monitor that tracks the number of tokens returned per second and exits if it’s over a certain threshold, but I think it would be more productive to just fix the auth service.