Lifetime validation failed. The token is expired


We’ve had Auth0 setup and working successfully for a while. However, I’ve noticed we’re getting occasional auth exceptions thrown (5-6 per day). It’s a .net Core WebApi 3.1 service, hosted on Azure.

“Lifetime validation failed. The token is expired”


After some reading around, this seems related to our auth scheme:

"options.TokenValidationParameters = new TokenValidationParameters"
"ValidateLifetime = true"

It totally makes sense that we should want to validate the lifetime of a token, and kick it out if it’s not appropriate, so I don’t want to turn this setting off.

Most of the topics I could find out this point to a time sync error between the auth server and the api. I’ve checked our API time in the console and it looks correct (set to UTC). I can’t imagine Auth0’s auth clock is out more than the 5 minutes that the default Clock Skew is set to.

However, I’m also not seeing the same issue in our other APIs, which have almost identical code/settings.

Any ideas? Thanks!

I am running into the same issue occasionally. Were you able to resolve this?

Unfortunately not. In the end we did some telemetry filtering within the API to avoid the message setting off our alerts.