express-jwt icon indicating copy to clipboard operation
express-jwt copied to clipboard

Published 20 hours ago verified publisher icon auth0

Support clock skew

Open SanPangGitHub opened this issue 9 years ago • 2 comments

  1. Does the lib support clock skew? So I could validate the JWT by adding small leeway for nbf.
  2. Does the clock skew should always be handled in validation side, not issue side?

SanPangGitHub avatar Oct 14 '16 09:10 SanPangGitHub

1 - not explicitly that I'm aware of 2 - the clock skew is typically done at the receiving end (how it looks in java)

timelf123 avatar Nov 03 '16 14:11 timelf123

It is actually supported via the 'clockTolerance' option. All options are are delegated to https://github.com/auth0/node-jsonwebtoken which implements this skew feature.

Cooke avatar Sep 08 '17 15:09 Cooke