Auth0 Home Blog Docs

Did auth0 server just experience clock skew? And what can I do about it?

I just experienced an issue where a user could not log in. This is the stacktrace I found on the server:

com.auth0.jwt.exceptions.InvalidClaimException: The Token can’t be used before Tue Jan 15 15:10:31 PST 2019.
at com.auth0.jwt.JWTVerifier.assertDateIsPast(JWTVerifier.java:448)
at com.auth0.jwt.JWTVerifier.assertValidDateClaim(JWTVerifier.java:434)
at com.auth0.jwt.JWTVerifier.verifyClaims(JWTVerifier.java:376)
at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:355)

It seems the JWT token signed to me was several minutes in the future so it couldn’t be verified. After my computer’s time, which was correct, caught up with the token’s time, the login was allowed.

I don’t believe there’s anything I can really do on my side to prevent this. At best, I can catch the error and display an appropriate response.

Can anyone verify if this is the case?

Auth0, what are you doing to ensure there’s no clock skew on your servers issuing these tokens?

Are you still experiencing this? I am not aware of any issues that would have caused this.

I’m experiencing the same Issue. Did you resolve this?
This is the stacktrace:
com.auth0.jwt.exceptions.InvalidClaimException: The Token can’t be used before Fri May 24 11:57:55 UTC 2019.
at com.auth0.jwt.JWTVerifier.assertDateIsPast(JWTVerifier.java:480) ~[java-jwt-3.7.0.jar!/:na]
at com.auth0.jwt.JWTVerifier.assertValidDateClaim(JWTVerifier.java:466) ~[java-jwt-3.7.0.jar!/:na]
at com.auth0.jwt.JWTVerifier.verifyClaims(JWTVerifier.java:408) ~[java-jwt-3.7.0.jar!/:na]
at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:387) ~[java-jwt-3.7.0.jar!/:na]

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?

I have not experienced the issue again. But it was happening pretty often back in Jan when I posted this issue.

I think the best thing to do on the client app side is to invalidate the token and have the user relogin and hope it doesn’t happen again.

Thanks a lot for sharing that!