Random 401 Unauthorized on OAuth2 for some users on /oauth2/@me & /users/@me #6760
Replies: 1 comment

Migrating this to an issue instead #6769.
Since the beginning of the year, I've been experiencing a problem with the OAuth2 Discord API. Randomly, OAuth2 tokens return "401 Unauthorized" when I try to retrieve the associated user (after refreshing the token) or the token information with the introspection route. This causes a loop and a denial of service on my API every time a buggy user logs in with his Discord account on my platform. The loop problem has been fixed, but I still got a 24-hour Cloudflare ban because of it. There's a huge problem from an OAuth2 data integrity point of view on Discord; I've never seen anything like it. I've tested it several times, even by hand: the route accepts all the refresh tokens I give it and sends me back a new token, but I can't do anything with that token. I have to ask the user to connect, and in 15% of cases (I've been monitoring for 1 month now) users simply can't connect to my platform. I had to create several applications and test them in round-robin mode to get around the problem...

An example of a buggy user. I have to forcibly revoke the token with the token revocation route, and the user has to reconnect for it to work again. Otherwise, even reconnecting doesn't work 70% of the time for the user.

Please note that I have created 4 different applications since the end of December, so this is not due to the application. I've even tried removing the "guilds.join" scope and leaving only "identify", but the problem persists. I've also bought a new IP address with a very good reputation from my German host, but it's no use.
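The failure mode above (refresh succeeds, the new token is still rejected with 401, and a naive retry loop hammers the API until Cloudflare bans the caller) is worth handling explicitly on the client side. The following is an added example, not code from the discussion or from Discord: it bounds the flow to a single refresh, revokes the token when the fresh one is still rejected, and reports that the user must re-authorize instead of retrying. The HTTP transport is injected so the constructed `buggy_transport` can reproduce the reported behaviour offline; a real client would also send `client_id`/`client_secret` with the refresh and revoke requests.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional, Tuple

API = "https://discord.com/api"  # paths below are the ones named in the post
# Assumed transport: (method, url, payload) -> (HTTP status, decoded JSON body)
Http = Callable[[str, str, dict], Tuple[int, dict]]

@dataclass
class Tokens:
    access: str
    refresh: str

@dataclass
class Outcome:
    user: Optional[dict] = None
    needs_reconnect: bool = False
    calls: list = field(default_factory=list)  # audit trail: (method, url, status)

def fetch_user(tokens: Tokens, http: Http) -> Outcome:
    """GET /users/@me with at most ONE refresh attempt. If the freshly issued
    token is still rejected with 401, revoke it and report that the user must
    re-authorize. There is deliberately no retry loop."""
    out = Outcome()

    def call(method: str, url: str, payload: dict) -> Tuple[int, dict]:
        status, body = http(method, url, payload)
        out.calls.append((method, url, status))
        return status, body

    status, body = call("GET", f"{API}/users/@me", {"Authorization": f"Bearer {tokens.access}"})
    if status == 200:
        out.user = body
        return out
    if status != 401:
        raise RuntimeError(f"unexpected status {status} from /users/@me")
    # Exactly one refresh, then one more attempt with the new access token.
    status, body = call("POST", f"{API}/oauth2/token",
                        {"grant_type": "refresh_token", "refresh_token": tokens.refresh})
    if status == 200:
        tokens.access, tokens.refresh = body["access_token"], body["refresh_token"]
        status, body = call("GET", f"{API}/users/@me", {"Authorization": f"Bearer {tokens.access}"})
        if status == 200:
            out.user = body
            return out
    # Refresh failed or the new token is dead: revoke it and force a fresh login.
    call("POST", f"{API}/oauth2/token/revoke", {"token": tokens.access})
    out.needs_reconnect = True
    return out

def buggy_transport(method: str, url: str, payload: dict) -> Tuple[int, dict]:
    """Constructed stand-in for the reported bug: refresh succeeds, yet every
    access token is rejected by /users/@me."""
    if url.endswith("/oauth2/token"):
        return 200, {"access_token": "new-access", "refresh_token": "new-refresh"}
    if url.endswith("/users/@me"):
        return 401, {"message": "401: Unauthorized"}
    return 200, {}
```

With `buggy_transport` the call trail is exactly GET 401, POST refresh 200, GET 401, POST revoke 200, after which the caller is told to send the user back through the authorization flow.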