---
id: OV-C10-EDGE-005
title: "Auth token expiry does not disrupt offline work; sync holds until re-auth"
product: mobile
module: offline-visitation
type: recovery
priority: P0
risk: critical
status: draft
automationStatus: planned
sourceRefs:
  tsd: PK144
  tsdSection: C10
  tsdScenario: C10.2
  prd: PK144
  jira: null
automationRef: null
lifecycleStatus: active
lifecycleReason: "AI-generated draft from PK144 TSD C10.2; pending QA review."
lastReviewedAt: null
reviewedBy: null
supersededBy: null
duplicateOf: null
blockedBy: null
preconditionRefs:
  - PRE-OV-mode-luring-active
tags:
  - mobile
  - offline-visitation
  - auth
  - sync
  - edge-case
  - pk144
  - staging
---
## Objective
Verify offline operations are protected when the auth token expires, and sync resumes after re-authentication.

## Preconditions
- See [[PRE-OV-mode-luring-active]]
- And the backend session token has expired while working offline

## Steps
1. Continue working with downloaded data while offline
2. Let the network recover and a silent sync attempt run with the expired token
3. Re-authenticate via the standard login flow

## Expected Result
- Then no re-authentication is prompted offline (no login screens or session-expiry popups) and the visit can be completed using local data
- And when sync attempts and auth fails, sync HOLDS pending items, waits for re-authentication, and items remain in Gagal Kirim (Gagal Terkirim), NOT marked as permanent failure
- And after re-authentication queued items resume sync automatically with no manual action
- And the non-blocking silent retry policy applies

## Source Traceability
- TSD: PK144
- Section: C10 - Cross-cutting Edge Cases & Failure Recovery
- Scenario: C10.2 - Auth token expiry: offline operations protected
- Acceptance Criteria: E11.US-2 AC1–AC4

## Evidence Required
- Behavior trace across offline work, failed sync hold, and post-re-auth resume.

## Notes / Gaps
- Testing Concern #38 (High): auth token refresh boundary contract (cross-PRD).