Forum Discussion
PhilippeG
Mar 01, 2022Nimbostratus
OAuth JWT signature check but not expiration date
We implemented oAuth with JWT in an API protection profile for a mobile app and it's working fine when Signature is validated and we are in the token time range (iat/exp).
We have now a special case where users can arrive with a valid JWT (signed) but outsite the validity of it (after exp date) and we would in this case redirect them to re-login or request a new JWT.
Is there a way to only validate the signature (and not the date) and allow restricted access ?
No RepliesBe the first to reply
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects