Identityserver4: Implicit flow access token lifetime valid for 5 more minutes after expiry

Created on 8 Jul 2020 · 3 Comments · Source: IdentityServer/IdentityServer4

We can only help you if you are on the latest version. Either use the latest 3.x or 4.x
version 3.0.1

Issue / Steps to reproduce the problem

Identity database client A has accesstokenlifetime as 300 and identitytokenlifetime as 300.
When the token is received, it also has an expiry time according to the database configuration:

    "nbf": 1594177726,
    "exp": 1594178026,

But when I call the API using this token after the expiry time, it is still validated for 5 more minutes.
My app is hosted on an Azure web app which has WEBSITE_TIME_ZONE - India Standard Time.

question

All 3 comments

The target validating access tokens has a 5-minute clock skew (allowing 5-minute-old tokens) by default.

You can set it to something else here:

    // TokenValidationParameters lives in Microsoft.IdentityModel.Tokens;
    // openIdConfig, audience and issuer come from the surrounding code.
    new TokenValidationParameters
    {
        IssuerSigningKeys = openIdConfig.SigningKeys,

        ValidAudiences = new[] { audience },
        ValidIssuer = issuer,
        ValidateLifetime = true,
        ValidateAudience = true,
        ValidateIssuer = true,
        ValidateIssuerSigningKey = true,
        ValidateTokenReplay = true,
        ClockSkew = TimeSpan.FromMinutes(0)     // Don't accept clock skew
    };

Thanks, now working!

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
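
Added example (not from the issue or the IdentityServer4 project): a token with a 300-second lifetime that expired two minutes ago is validated once with the default `ClockSkew`, where it is still accepted, and once with `TimeSpan.Zero`, where it is rejected as expired. The issuer, audience, signing key and the `ClockSkewDemo` names are constructed for illustration, and the code assumes the System.IdentityModel.Tokens.Jwt NuGet package.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class ClockSkewDemo
{
    // Constructed sample values, not taken from the issue.
    private const string Issuer = "https://issuer.example";
    private const string Audience = "api1";
    private static readonly SymmetricSecurityKey Key = new SymmetricSecurityKey(
        Encoding.UTF8.GetBytes("constructed-demo-signing-key-0123456789abcdef"));

    // Issues a token with a 300 s lifetime whose exp lies `expiredAgo` in the past.
    public static string IssueExpiredToken(TimeSpan expiredAgo)
    {
        var expires = DateTime.UtcNow - expiredAgo;
        var descriptor = new SecurityTokenDescriptor
        {
            Issuer = Issuer,
            Audience = Audience,
            NotBefore = expires.AddSeconds(-300),
            IssuedAt = expires.AddSeconds(-300),
            Expires = expires,
            SigningCredentials = new SigningCredentials(Key, SecurityAlgorithms.HmacSha256)
        };
        var handler = new JwtSecurityTokenHandler();
        return handler.WriteToken(handler.CreateToken(descriptor));
    }

    // Returns true if the token passes lifetime validation with the given skew.
    public static bool IsAccepted(string jwt, TimeSpan clockSkew)
    {
        var parameters = new TokenValidationParameters
        {
            IssuerSigningKey = Key,
            ValidIssuer = Issuer,
            ValidAudience = Audience,
            ValidateLifetime = true,
            ClockSkew = clockSkew   // the validator rejects only when exp < now - ClockSkew
        };
        try { new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _); return true; }
        catch (SecurityTokenExpiredException) { return false; }
    }
    public static void Main()
    {
        var jwt = IssueExpiredToken(TimeSpan.FromMinutes(2));
        Console.WriteLine($"default skew: {IsAccepted(jwt, TokenValidationParameters.DefaultClockSkew)}");
        Console.WriteLine($"zero skew:    {IsAccepted(jwt, TimeSpan.Zero)}");
    }
}
```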
