Expiration Time (exp) claim error in the ID token

niks · June 23, 2021, 10:42pm

Hi,

I have a react app that uses auth0.authorize() [auth0-js library] for user login.

Some of the users are unable to login & the error logs are as follows:

Expiration Time (exp) claim error in the ID token; current time "Wed Jun 16 2021 09:05:36 GMT+0000 (Coordinated Universal Time)" is after expiration time "Wed Jun 16 2021 08:10:49 GMT+0000 (Coordinated Universal Time)"

The difference is about an hour. The user actual login request timestamp is 2021-06-16T08:04:50.200Z.

The user has tried doing login from different VPN endpoints from different locations, but is still seeing the same issue.

Is there any way where we need to enforce a particular timezone (UTC)? Only a handful of end-users are seeing this issue so far.

Any pointers will be highly appreciated.

konrad.sopala · July 1, 2021, 8:28am

The issue here was specific to user’s local machine time. It was not synced with the world clock & hence it was 1 hour ahead of the actual time. This was causing the JWT to be considered as expired. We asked the user to check the time on the local machine on this website: https://time.is and it was clearly showing the difference in there.

Issue got resolved when the user synced their machine clocks with the OS time settings (eg: Apple clock auto set).

Topic		Replies	Views
Expiration Time (exp) claim error in the ID token — larger time discrepancies Help auth0 , id_token , login , expiration , time	4	3807	August 17, 2021
Issued At Claim Error Help	11	6241	January 16, 2020
Access token expiry time is not getting applied on the JWT token Help jwt , expiration	6	7319	April 7, 2020
Token expiry stuck at 7200 seconds Help id_token , access_token , expire	7	8678	September 17, 2018
JWT expiration fixed at 3600 sec (one hour) JWT.io	2	6535	December 24, 2018

Expiration Time (exp) claim error in the ID token

Related Topics