DEV Community

Mark Nefedov
Mark Nefedov

Posted on

Dotnet authentication clock skew.

#webdev #dotnet #auth #discuss

If you use dotnet JWT authentication check your TokenValidationParameters, and make sure you have set ClockSkew to reasonable values. By default, it is set to 300 seconds (5 minutes). That make your JWT tokens valid for extra 5 minutes.

/// <summary>
        /// Gets or sets the clock skew to apply when validating a time.
        /// </summary>
        /// <exception cref="ArgumentOutOfRangeException">If 'value' is less than 0.</exception>
        /// The default is <c>300</c> seconds (5 minutes).
        [DefaultValue(300)]
        public TimeSpan ClockSkew
        {
            get
            {
                return _clockSkew;
            }

            set
            {
                if (value < TimeSpan.Zero)
                    throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), LogHelper.FormatInvariant(LogMessages.IDX10100, LogHelper.MarkAsNonPII(value))));

                _clockSkew = value;
            }
        }
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Read next

om_vaja profile image

Node JS - The Event Loop

Om Vaja -

probir-sarkar profile image

Next.js Interview Mastery: Essential Questions 81-90 (Part 9)

Probir Sarkar -

muhammadawaisshaikh profile image

Angular Version 19: New Features and Updates

Muhammad Awais -

aniruddhadak profile image

👨‍💻 My Developer Portfolio: Showcasing My Journey and Projects 💖

ANIRUDDHA ADAK -