Token must be a short-lived token and in a reasonable timeframe

Question

I am having the same error as this. In my case it is happening when the app is trying to upload a file via Google Cloud Client API.

POST https://www.googleapis.com/oauth2/v4/token
400 Bad Request
Invalid JWT: Token must be a short-lived token and in a reasonable timeframe

How I load the token is reading a service-account json file, and attach it to CURLOPT_HTTPHEADER in PHP. It did work properly for the past one month, so I am guessing that Google changed the way of authorization.

Has anyone faced & solved this?

Answer 1

I stumbled upon the same issue at roughly the same time, so I expected a generic bug of Google but here is what had happened on my computer :

raise HttpAccessTokenRefreshError(error_msg, status=resp.status)
oauth2client.client.HttpAccessTokenRefreshError: invalid_grant: Invalid JWT: Token must be a short-lived token and in a reasonable timeframe

was caused in my case by a poor synchronisation of the computer's clock where the code was executed that had a lag of 5 minutes (due to a faulty battery for the internal clock). It started working again when I manually changed the internal time of my computer to the correct one.

This solution was mentionned here, but not with the full error message

Answer 2

I had the same issue, I found that my server was delayed by 8 minutes. I configurated the NTP server and magically it was solved

Answer 3

For those getting that error for a containerized app and ending up here,

I had the same issue when using my token from a containerized app. Rebooting Docker Desktop (Windows) did it for me.

I had this setup for weeks before getting that issue for the first time.

Answer 4

Same problem encountered....manually reset my computer's clock to the current time....problem resolved.