Context
Found during review of #369.
Problem
The health monitor's periodic health check uses unauthenticated HEAD /api/v4/version, which only verifies network reachability. If a token is revoked or loses scope mid-session, the health monitor stays in healthy state because auth errors (401/403) are classified as auth (not transient) and don't increment failure counters.
Suggested approach
Add an optional authenticated health check (e.g., HEAD /api/v4/user with token) alongside the unauthenticated reachability check. When the authenticated check returns 401/403, transition to failed state.
Files involved
src/services/HealthMonitor.ts (performHealthCheck actor, quickHealthCheck function)
Context
Found during review of #369.
Problem
The health monitor's periodic health check uses unauthenticated
HEAD /api/v4/version, which only verifies network reachability. If a token is revoked or loses scope mid-session, the health monitor stays inhealthystate because auth errors (401/403) are classified asauth(nottransient) and don't increment failure counters.Suggested approach
Add an optional authenticated health check (e.g.,
HEAD /api/v4/userwith token) alongside the unauthenticated reachability check. When the authenticated check returns 401/403, transition tofailedstate.Files involved
src/services/HealthMonitor.ts(performHealthCheck actor, quickHealthCheck function)