Forum / Devolutions Password Server - Support

Token Expired using SSO - Office 365

  • Create an Issue
  • Cancel

When logging into our Password Server using our SSO from Office 365 we get these errors:

SecurityTokenExpiredException - IDX10223: Lifetime validation failed. The token is expired. ValidTo: '04/29/2019 15:44:58', Current time: '04/30/2019 06:12:08'. at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at Devolutions.Server.TokenValidationHandler.d__9.MoveNext() --- Login

We do get logged logged in but every time an error gets reported. Is there a way to extend this token's lifetime?

Clock5 mths

Hello,

What Devolutions Password Server version are you using?

Best regards,



Érica Poirier

signaturesignature

Clock5 mths

Version 6.1.3.0

Clock5 mths

Hello,

Thank you for the information.

Are you using only the DPS web interface or you are connecting to it using Remote Desktop Manager?

The only configurable token value is the Token Valid Time in Administration - Password Server Settings - Advanced but I don't think this one will have an impact on that error message. Here is the online help page about that parameter.
https://helpserver.devolutions.net/webinterface_advanced.htm

Best regards,



Érica Poirier

signaturesignature

Clock5 mths

Erica,

No, that doesn't seem to be the setting.

We are using Password vault manager enterprise edition v10.0.0.0 64bit version.

Jelte

Clock5 mths

Hello,

We have been able to reproduce your issue and a ticket has been submitted to our engineering department. The internal ticket number is DPS-3084. The error will not impact the PVM and DPS functionality.

About your Password Vault Manager v10, if you haven't read the following blog article, this could be an interesting offer as PVM being phased out, we’ve decided to replace PVM with RDM for free!
https://blog.devolutions.net/2019/03/important-announcement-password-vault-manager-now-fully-integrated-in-remote-desktop-manager

Best regards,



Érica Poirier

signaturesignature

Clock5 mths

We still get these errors when logging into Devolutions Password Server's web portal using Office 365 login.

"
The following error was received by at 7/22/2019 9:55:01 AM
Error:
SecurityTokenExpiredException - IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/18/2019 15:11:02', Current time: '07/22/2019 07:55:01'. at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at Devolutions.Server.TokenValidationHandler.d__14.MoveNext() --- Login
Source:
Microsoft.IdentityModel.Tokens

"

Do you know if there's a solutions or explenation for this?

Clock2 mths


Hello,

Are you still using DPS version 6.1.3?

Do you get this error message even on recent connections to the DPS instance?

Best regards,



Érica Poirier

signaturesignature

Clock2 mths


Hello,

Could you please check if the machine on which the DPS is hosted is on the same time zone as the one you have on your local computer?

If it's the same, are both clocks are synchronized?

That is maybe two causes why you still get that expired token error message.

Best regards,



Érica Poirier

signaturesignature

Clock2 mths

We upgraded our version to 2019.1.17.0 with no difference in the error.

Time on all machines is exact the same.

Strange this is that the difference between Valid to and current time is always exactly 4 days.

. The token is expired. ValidTo: '07/18/2019 15:11:02', Current time: '07/22/2019 07:55:01'.

Clock2 mths


Hello,

Thank you for the information.

Everything we could find online regarding this Office365 error is related to unsynchronized clocks between the server and the client. They must be set on the same time zone, same date and same hour. Another thing that could cause the issue is there is still invalid information in the browser cache.

Could you please clear your browser cache? If you are using RDM, please clear the local cache file using CTRL+F5.

Let me know if the issue still exist.

Best regards,



Érica Poirier

signaturesignature

Clock2 mths