Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

OAuth JWT signature check but not expiration date

PhilippeG
Nimbostratus
Nimbostratus

‎01-Mar-2022 06:29

We implemented oAuth with JWT in an API protection profile for a mobile app and it's working fine when Signature is validated and we are in the token time range (iat/exp).

We have now a special case where users can arrive with a valid JWT (signed) but outsite the validity of it (after exp date) and we would in this case redirect them to re-login or request a new JWT.

Is there a way to only validate the signature (and not the date) and allow restricted access ?

Labels:
0 Kudos
0 REPLIES 0
Copyright © 2023 Khoros, LLC