Token was deauthenticated after trying to refresh it
As of Symfony 4.0, logout_on_user_change is set to true. That means a user will be logged out if it has been changed. You should implement Symfony\Component\Security\Core\User\EquatableInterface and add the isEqualTo method: class User implements EquatableInterface { public function isEqualTo(UserInterface $user) { if ($this->password !== $user->getPassword()) { return false; } if ($this->salt !== $user->getSalt()) { return … Read more