Auth0 Home Blog Docs

Issued At Claim Error

Hi,

I have a react app that is using the auth0 spa for user login.

Some of my users are receiving an error that prevents them from logging in.

Uncaught (in promise) Error: Issued At (iat) claim error in the ID token; current time is before issued at time

The time difference is about 5 seconds.

I believe the users are on a network that is using a proxy server, which might be causing the time difference.

Does the validation happen on the local machine? If so, there might be a time difference from the proxy server and the client machine.

Is there a way to allow some ‘room’ between the times to allow for this error? For example: a 10 second allowance between the times?

edit: I can see there is a leeway option to allow for slight time differences but the error message I have doesn’t match with the error messages I have found in auth0-spa-js.

Hi nmck,

leeway is used to account for the clock skew of JWT expiration, not the Issued At (iat) time.

The most probable reason of this error is the user’s machine is out of sync of time. You could check it by comparing the local time on the user’s machine with a time source on internet, such as https://www.timeanddate.com/
If there is an out of sync, the user needs to adjust their local machine’s time or configure NTP on their machine to sync time.

Hi @Guangjie,

Thanks for your reply.

I have seen this issue on two different machines (that are on the network with the proxy) which is why I initially thought it may be correlated to the proxy server.

I would doubt that both machines are out of sync, do you have any other thoughts that would cause this issue?

@nmck I had this issue happen to me yesterday. Looking at when you raised this issue I was certain it was an issue out of our control however, the users machine was indeed a minute slow. Which exceeded the leeway.

Good luck!

@mderrick thanks for the info, I’ll take another look at the affected machines.

Thanks!