The user can be logged out due to several reasons and then the token will be illegal and use of it will lead to a session failure. In ApiSetItem this is reported as a no-token -error which is wrong. When this happens the error message should be intercepted and the user logged in again. Preferably without the user loosing any on-going changes.
A guess is that a small popup window asking for user credentials should be sufficient, and after logging in the user through the ordinary API the Wikibase API can be queried for new token(s).
Version: unspecified
Severity: normal