error: client_assertion token has an expiration too far into the future

[gabrielsroka]

Okta node sdk sets expiration for 5 minutes: https://github.com/okta/okta-sdk-nodejs/blob/895d48c9bf4e2e1d0d2fadcf0a84cc550e301851/src/jwt.js#L72-L84

whereas Python uses 60 minutes: https://github.com/okta/okta-sdk-python/blob/700c5f11bc30f661ee945ce5d2c7a4c044e49288/okta/jwt.py#L114-L122

i frequently get

okta-sdk-python - http_client - ERROR - {'message': "HTTP 401 {'error': 'invalid_client', 'error_description': 
'The client_assertion token has an expiration too far into the future.'}"}

errors on Python, but never on node. i set my clock using time.windows.com, but it's usually 1 sec fast

[gabrielsroka]

one hacky workaround is to modify the variable:

okta.jwt.JWT.ONE_HOUR -= 5 # allow 5 seconds of clock skew