Auth0 Home Blog Docs

Did auth0 server just experience clock skew? And what can I do about it?

I just experienced an issue where a user could not log in. This is the stacktrace I found on the server:

com.auth0.jwt.exceptions.InvalidClaimException: The Token can’t be used before Tue Jan 15 15:10:31 PST 2019.
at com.auth0.jwt.JWTVerifier.assertDateIsPast(JWTVerifier.java:448)
at com.auth0.jwt.JWTVerifier.assertValidDateClaim(JWTVerifier.java:434)
at com.auth0.jwt.JWTVerifier.verifyClaims(JWTVerifier.java:376)
at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:355)

It seems the JWT token signed to me was several minutes in the future so it couldn’t be verified. After my computer’s time, which was correct, caught up with the token’s time, the login was allowed.

I don’t believe there’s anything I can really do on my side to prevent this. At best, I can catch the error and display an appropriate response.

Can anyone verify if this is the case?

Auth0, what are you doing to ensure there’s no clock skew on your servers issuing these tokens?

Are you still experiencing this? I am not aware of any issues that would have caused this.

I’m experiencing the same Issue. Did you resolve this?
This is the stacktrace:
com.auth0.jwt.exceptions.InvalidClaimException: The Token can’t be used before Fri May 24 11:57:55 UTC 2019.
at com.auth0.jwt.JWTVerifier.assertDateIsPast(JWTVerifier.java:480) ~[java-jwt-3.7.0.jar!/:na]
at com.auth0.jwt.JWTVerifier.assertValidDateClaim(JWTVerifier.java:466) ~[java-jwt-3.7.0.jar!/:na]
at com.auth0.jwt.JWTVerifier.verifyClaims(JWTVerifier.java:408) ~[java-jwt-3.7.0.jar!/:na]
at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:387) ~[java-jwt-3.7.0.jar!/:na]