DEV Community

Mark Nefedov
Mark Nefedov

Posted on

Dotnet authentication clock skew.

#webdev #dotnet #auth #discuss

If you use dotnet JWT authentication check your TokenValidationParameters, and make sure you have set ClockSkew to reasonable values. By default, it is set to 300 seconds (5 minutes). That make your JWT tokens valid for extra 5 minutes.

/// <summary>
        /// Gets or sets the clock skew to apply when validating a time.
        /// </summary>
        /// <exception cref="ArgumentOutOfRangeException">If 'value' is less than 0.</exception>
        /// The default is <c>300</c> seconds (5 minutes).
        [DefaultValue(300)]
        public TimeSpan ClockSkew
        {
            get
            {
                return _clockSkew;
            }

            set
            {
                if (value < TimeSpan.Zero)
                    throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), LogHelper.FormatInvariant(LogMessages.IDX10100, LogHelper.MarkAsNonPII(value))));

                _clockSkew = value;
            }
        }
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Read next

izyus profile image

Please check my portfolio

Yakov Levin -

gabrielsenadev profile image

Frontend Challenge: Animated Globe CSS Art: Earth Day

Gabriel Sena -

ajinm profile image

Unlocking Cloudflare's Threat Score: Enhance Your Security Without Upgrading Your Plan

ajinm98 -

anmolbaranwal profile image

30+ app ideas with complete source code

Anmol Baranwal -