JWT claims.Expiration and local client time

Czech_Tomasz · September 12, 2024, 10:21am

Hi,

Question concerning this situation. I have XDATA Rest server with set to AccessToken
claims.Expiration := IncMinute(now, 20);

From the browser/client side I would have the opportunity to check if the token expired before run the xdata rest service function.

When I get from existing Token claim Expiration time it is local time set on the server ... but our client e.g. has different time zone. In this case should I during Token creation add extra claim e.g. like this

JWTAccessToken.Claims.SetClaimOfType<string>('TokenExpiration', DateToISO8601(JWTAccessToken.Claims.Expiration));

or I'm able to change the existing claims.Expiration to client local time?

wlandgraf · September 12, 2024, 5:34pm

The 'exp' claim in JWT is already in Unix time, which means it's UTC. So there is no need for an extra claim.

It's not clear what your JWTAccessToken.Claims.Expiration is, so I can't tell if Expiration returns the value in UTC or local time zone.

If it's UTC, just use TTimeZone.Local.ToLocalTime to convert it to your local time zone.

Czech_Tomasz · September 13, 2024, 7:49am

Ok ... thank you ... now everything is clear.

system · September 14, 2024, 7:50am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.