JWT/AD IAT value is off by more than 3 minutes

2 Comments

  • Longathrow
    Comment actions Permalink

    For anyone having problems with this code and the server time being out, you will need to modify the utils.asp file to adjust for timezone difference.  Zendesk servers are in UTC time, if your server isn't in UTC, then it will pass back the incorrect time and not authenticate with an error of "The supplied iat value is more than 3 minutes off, check your server clock."

    To fix this find the following lines

    dtmAdjusted = DateAdd("n", lngBias, dtmDateValue)
    dtmAdjusted_date = dtmAdjusted

    And modify it to the following, making sure you adjust the X in DateAdd("h", X, dtmAdjusted), to how ever many hours you are in front of behind UTC time.

    dtmAdjusted = DateAdd("n", lngBias, dtmDateValue)
    dtmAdjusted_timeshift = DateAdd("h", X, dtmAdjusted)
    dtmAdjusted_date = dtmAdjusted_timeshift

    So an example for Sydney, Australia would be -18

    dtmAdjusted = DateAdd("n", lngBias, dtmDateValue)
    dtmAdjusted_timeshift = DateAdd("h", -18, dtmAdjusted)
    dtmAdjusted_date = dtmAdjusted_timeshift

    I also had a small stumbling block when trying to login as an agent, with agents with multiple sign in options, Zendesk would have another fit.  So test the login with an end-user instead.

    0
  • Brett - Community Manager
    Comment actions Permalink

    Thanks for taking the time to share this with everyone Longathrow!

    0

Please sign in to leave a comment.

Powered by Zendesk