DEV Community

Mark Nefedov
Mark Nefedov

Posted on

Dotnet authentication clock skew.

#webdev #dotnet #auth #discuss

If you use dotnet JWT authentication check your TokenValidationParameters, and make sure you have set ClockSkew to reasonable values. By default, it is set to 300 seconds (5 minutes). That make your JWT tokens valid for extra 5 minutes.

/// <summary>
        /// Gets or sets the clock skew to apply when validating a time.
        /// </summary>
        /// <exception cref="ArgumentOutOfRangeException">If 'value' is less than 0.</exception>
        /// The default is <c>300</c> seconds (5 minutes).
        [DefaultValue(300)]
        public TimeSpan ClockSkew
        {
            get
            {
                return _clockSkew;
            }

            set
            {
                if (value < TimeSpan.Zero)
                    throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), LogHelper.FormatInvariant(LogMessages.IDX10100, LogHelper.MarkAsNonPII(value))));

                _clockSkew = value;
            }
        }
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Read next

andrewkangg profile image

With your .env, project, and a single Dockerfile, simply run 'bash run.sh'.

Andrew Kang-G -

scofieldidehen profile image

Thursday Quiz

Scofield Idehen -

juarezasjunior profile image

Simplifying HTTP Calls with Refit

Juarez Júnior -

nate10 profile image

Performance Analysis of JSON, Buffer / Custom Binary Protocol, Protobuf, and MessagePack for Websockets

nate10 -