Azure AD token 5 minutes behind - PhpOut

ReddyRohit
September 9, 2022
106 views
1 vote
2 Answers

I am using RS256 algorithm to generate Azure AD token.

When I decode the token in https://jwt.io/ The issued at is 5 minutes behind the time of request.

Requested time: 9:00:00 PM IST.

Issued at: 8:55:00 PM IST.

Little strange but why?

Thank you in advance!

Tags: azure azure-active-directory jwt token

Answers

- Urmas
- September 13, 2022 at 1:55 pm
- 0 votes
0
I can’t find documentation, but that’s by design. To make sure that when some systems have some minor offsets of times, then tocen is still good for acceesing your app/env

Login or Signup to reply.

- mybrave
- September 27, 2022 at 2:21 pm
- 0 votes
0
This is called "Clock Skew" and the official reason is

The need of the clock skew is to avoid situations where the client clock and the token issuing service clock are not exactly in sync. However, we plan to make it a configurable value and is in our backlog.

You can read more about it e.g. here

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.