diff --git a/src/client/http_client.rs b/src/client/http_client.rs
index 99558dba..e3f9f323 100644
--- a/src/client/http_client.rs
+++ b/src/client/http_client.rs
@@ -405,6 +405,9 @@ impl HttpClient {
     ///
     /// Login is done on demand, so this is only required if you need
     /// access to authentication data in 'AuthInfo'.
+    ///
+    /// Note: tickets a periodially re-newed, so one can use this
+    /// to query changed ticket.
     pub async fn login(&self) -> Result<AuthInfo, Error> {
         if let Some(future) = &self.first_auth {
             future.listen().await?;
diff --git a/src/client/pull.rs b/src/client/pull.rs
index a80b10dc..0d24d7b9 100644
--- a/src/client/pull.rs
+++ b/src/client/pull.rs
@@ -410,7 +410,8 @@ pub async fn pull_group(
 
     list.sort_unstable_by(|a, b| a.backup_time.cmp(&b.backup_time));
 
-    let auth_info = client.login().await?;
+    client.login().await?; // make sure auth is complete
+
     let fingerprint = client.fingerprint();
 
     let last_sync = tgt_store.last_successful_backup(group)?;
@@ -447,6 +448,9 @@ pub async fn pull_group(
             if last_sync_time > backup_time { continue; }
         }
 
+        // get updated auth_info (new tickets)
+        let auth_info = client.login().await?;
+
         let options = HttpClientOptions::new()
             .password(Some(auth_info.ticket.clone()))
             .fingerprint(fingerprint.clone());