Title: JWT Time Threshold Issue
Last modified: September 18, 2018

---

# JWT Time Threshold Issue

 *  Resolved [jjepsilon](https://wordpress.org/support/users/jjepsilon/)
 * (@jjepsilon)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/jwt-time-threshold-issue/)
 * Hello,
 * My company recently had an issue occur where our server clock lapsed due to a
   power cycle and we lost the ability to login to WordPress via Auth0. Although
   I was able to correct our server clock, we still had issues logging in.
 * We received the error ‘Invalid ID token (used too early)’ (and after I traced
   the error to file: /auth0/lib/php-jwt/Authentication/JWT.php, the error occurring
   was: ‘Cannot handle token prior to (iat)’).
 * I was able to fix this issue by increasing the number of seconds “15” to “60”
   in the following if statement on line 89 of JWT.php: (if ( isset( $payload->iat)&&
   $payload->iat > time() + 15 ))
 * Changing 15 seconds to 60 seconds fixed our issue because the time threshold 
   allowance was corrected, however this fix will be wiped the next time we update
   the plugin.
 * Would it be possible to add some sort of feature to the plugin where we could
   alter the time allowance threshold without having to hard-code it?
 * Please let me know.
 * Thanks!
 * JJ
    -  This topic was modified 7 years, 8 months ago by [jjepsilon](https://wordpress.org/support/users/jjepsilon/).
    -  This topic was modified 7 years, 8 months ago by [jjepsilon](https://wordpress.org/support/users/jjepsilon/).

Viewing 1 replies (of 1 total)

 *  [Josh C](https://wordpress.org/support/users/auth0josh/)
 * (@auth0josh)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/jwt-time-threshold-issue/#post-10701250)
 * Hi [@jjepsilon](https://wordpress.org/support/users/jjepsilon/),
 * We use the [Firebase PHP JWT library](https://github.com/firebase/php-jwt) but
   it looks like we’re a version or two behind. The newest version allows the leeway
   to be set with a static variable:
 * [https://github.com/firebase/php-jwt/blob/master/src/JWT.php#L30](https://github.com/firebase/php-jwt/blob/master/src/JWT.php#L30)
 * I’ll make a note to update that library in the next version of the plugin so 
   that doesn’t have to be hard-coded. Marking this as complete for now, look for
   the change in v3.8.0 coming out in a few weeks.
 * Thanks!

Viewing 1 replies (of 1 total)

The topic ‘JWT Time Threshold Issue’ is closed to new replies.

 * ![](https://ps.w.org/auth0/assets/icon-256x256.png?rev=3351758)
 * [Login by Auth0](https://wordpress.org/plugins/auth0/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/auth0/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/auth0/)
 * [Active Topics](https://wordpress.org/support/plugin/auth0/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/auth0/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/auth0/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Josh C](https://wordpress.org/support/users/auth0josh/)
 * Last activity: [7 years, 8 months ago](https://wordpress.org/support/topic/jwt-time-threshold-issue/#post-10701250)
 * Status: resolved