Base solution for your next web application
Open Closed

Lifetime validation failed. The token is expired #9573


User avatar
0
-bitman created
  • What is your product version? 8.2.0
  • What is your product type (Angular or MVC)? Angular
  • What is product framework type (.net framework or .net core)? .net core

I would like to get advice regarding the error I am getting in the application that is deployed in azure having multiple server instances.

info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[1]
      Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]', Current time: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
   at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at SprintTek.Web.Authentication.JwtBearer.SprintTekJwtSecurityTokenHandler.ValidateToken(String securityToken, TokenValidationParameters validationParameters, SecurityToken& validatedToken) in C:\Users\SSPH\source\agent\_work\5\s\aspnet-core\src\SprintTek.Web.Core\Authentication\JwtBearer\SprintTekJwtSecurityTokenHandler.cs:line 40
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[7]
      Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]', Current time: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
      Executing endpoint 'SprintTek.Web.Controllers.TokenAuthController.GetExternalAuthenticationProviders (SprintTek.Web.Core)'

I checked the AccessTokenExpiration settings and it is for 1 day.

Please advise. Thank you!


5 Answer(s)
  • User Avatar
    0
    -bitman created

    If it helps, we have written an Android and an iOS application that is used by around 500 users and it sends API requests to the backend every 30 seconds. It seems that the RefreshToken() is failing at some point but I am not 100% sure because it is intermittent.

    Please advise. Thank you!

  • User Avatar
    0
    maliming created
    Support Team

    hi

    This does not seem to be an error. Sometimes the token may expire during the authentication process

  • User Avatar
    0
    -bitman created

    Hello @maliming,

    Thank you for replying. Based on how we call the api do you think a short interval is the one causing the expiration? Or can you suggest which avenue I should be looking at in order to avoid this?

    Thank you!

  • User Avatar
    0
    maliming created
    Support Team

    This is just a log of token invalid , you can ignore it. : )

  • User Avatar
    0
    -bitman created

    Thank you @maliming.