How to fix INVALID_SESSION_ID in Salesforce deployments
The session ID used to authenticate an API call has expired, been revoked, or was never valid.
Surfaces during: any API call, most often mid-way through a long-running deploy or test jobWhat it means
INVALID_SESSION_ID means the access token authenticating an API or Metadata API call is no longer valid, whether because it expired, was revoked, or wasn't a real session to begin with. Salesforce rejects the call outright before attempting the requested deployment or data operation, since authentication is checked first.
Unlike INVALID_LOGIN, which blocks the very first authentication attempt, this error strikes mid-job: the pipeline authenticated successfully, started working, and the session died somewhere in the middle of a long-running deploy, test run, or Bulk API job.
Common causes
The fix
- Authenticate fresh immediately before long-running jobsRe-authenticate or refresh the token right before kicking off a deploy or test run rather than reusing an older session.
- Extend session timeout settings where legitimateIncrease the session timeout in Setup for orgs where CI runs genuinely take longer than the default window.
- Avoid caching session IDs across pipeline runsRe-authenticate per job instead of persisting and reusing a session ID between separate pipeline executions.
How Serpent prevents this
Serpent manages authenticated connections to every org centrally and refreshes them automatically, so a long-running deploy or test job doesn't die mid-run because a cached session expired underneath it. See the Salesforce deployment error library.

Prevention
Related errors
INVALID_SESSION_ID, answered
Start free. No credit card, no install, no commitment.
Set up in under 15 minutes. No DevOps hire needed.
