Pranav Pandey

Reputation: 13

Bearer error="invalid_token", error_description="The token is not valid before

My scenario is that when we test with a user logging in and logging out multiple times, we randomly get this error:

Date: Tue, 22 Jun 2021 13:58:41 GMT
WWW-Authenticate: Bearer error="invalid_token", error_description="The token is not valid before '06/22/2021 13:58:42'"

The backend API is in .NET Core, where we are generating and validating JWT tokens.

Upvotes: 1

Views: 3045

Answers (1)

user9775882

Your tokens have the nbf (JWT Not Before) claim. When verifying a token with nbf, the current time must be at or after that timestamp. These timestamps are UNIX timestamps in seconds.

What may be happening is:

  • when you produce these tokens with nbf the claim value is ceiled to the nearest second, instead of being floored.
  • your clock may be skewed between the producer and consumer

In both cases the recommended way is described in the RFC:

"Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew."

Some verification option such as clock skew or clock tolerance may be present, which you need to set to some acceptable value, e.g. 5 seconds, to accommodate tiny clock skew or floor/ceil discrepancies.

Upvotes: 5
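
The two causes listed in the answer above, reproduced as an added example (not part of the original answer, and written in Python rather than against the .NET API from the question): a minimal HS256 issuer and verifier in which nbf can be ceiled and the verifier accepts a leeway. The key, the timestamps and all function names are constructed for illustration.

```python
import base64, hashlib, hmac, json, math

KEY = b"constructed-demo-key"  # constructed sample secret, not from the page

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest()

def issue(now: float, lifetime: int = 300, ceil_nbf: bool = False) -> str:
    """Issue an HS256 JWT; nbf is `now` floored (or ceiled) to whole seconds."""
    nbf = math.ceil(now) if ceil_nbf else math.floor(now)
    head = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64(json.dumps({"nbf": nbf, "exp": nbf + lifetime}).encode())
    return f"{head}.{body}.{b64(sign(f'{head}.{body}'))}"

def verify(token: str, now: float, leeway: float = 0.0) -> dict:
    """Check the signature, then nbf and exp with `leeway` seconds of tolerance."""
    head, body, sig = token.split(".")
    if json.loads(unb64(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(sign(f"{head}.{body}"), unb64(sig)):
        raise ValueError("bad signature")
    claims = json.loads(unb64(body))
    if "nbf" in claims and now + leeway < claims["nbf"]:
        raise ValueError(f"token is not valid before {claims['nbf']}")
    if "exp" in claims and now - leeway >= claims["exp"]:
        raise ValueError("token is expired")
    return claims

def outcome(token: str, now: float, leeway: float) -> str:
    try:
        verify(token, now, leeway)
        return "accepted"
    except ValueError as err:
        return f"rejected: {err}"

if __name__ == "__main__":
    t0 = 1624370321.4  # constructed issuer clock: 2021-06-22 13:58:41.4 UTC
    ceiled, floored = issue(t0, ceil_nbf=True), issue(t0)
    print(outcome(ceiled, t0 + 0.1, 0))   # used 100 ms after issuance, no leeway
    print(outcome(ceiled, t0 + 0.1, 5))   # same instant, 5 s leeway
    print(outcome(floored, t0 + 0.1, 0))  # floored nbf is already in the past
    print(outcome(floored, t0 - 2, 0))    # verifier clock 2 s behind the issuer
    print(outcome(floored, t0 - 2, 5))    # skew absorbed by the leeway
```

The leeway widens both ends of the validity window, so a token is also accepted for up to `leeway` seconds after its exp; that is the reason to keep the value small.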
