Showing posts from July, 2019

AspNet Core JWT Authentication ValidateLifetime "The token has no expiration"

Found a "bug" within aspnet core JWT Authentication and thought I'd write something up since I could not find much info online.

Found the answer here, but it's not easy to find:

Essentially, if you create a valid JWT with an expiration time after the year 2038, the default aspnet core JWT Auth will determine that it is invalid saying, "The token has no expiration".

The solution is to create a JWT with an expiration time after "now" but before the year 2038.

Hope this helps,