Introduction
When you encounter the message "Token failed verification: expired," it indicates that the JSON Web Token (JWT) you are using is no longer valid.
Here’s how you can verify the expiration date of your token.
Understanding JWT Structure
JWTs consist of three parts separated by dots:
- Header
- Payload
- Signature
To diagnose the expiration issue, we'll focus on the Payload part, which contains the expiration data.
Decoding the JWT
To decode the JWT and extract its components, you can manually decode each section or use online tools like JWT.io .
Example JWT:
Header: eyJ2ZXIiOiIyIiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYiLCJraWQiOiJOY3pMXzV4ejFJQ1JObHRlR2Y2NENJOHhuT080cHhuZk0tTnJNZEJkX1BnIn0 Payload: eyJleHQiOiJ7XCJyZXZvY2FibGVcIjpcInRydWVcIn0iLCJzdWIiOiJqZmFjQDAxaGZxMjZyMmRyank5MWYwdjY2dDgxMTcxXC91c2Vyc1wvYWRtaW4iLCJzY3AiOiJhcHBsaWVkLXBlcm1pc3Npb25zXC91c2VyIiwiYXVkIjoiKkAqIiwiaXNzIjoiamZmZUAwMDAiLCJleHAiOjE3MzIwNDM0ODIsImlhdCI6MTcwMDUwNzQ4MiwianRpIjoiMDVkOGM5NjUtN2E0Yy00MWM4LWE4ODItYzBjYzRjNjkxOTI5In0 Signature: v4_sj8p5PtfmU6erld25ec-jd3I2V9Tro9NUkX6P1EA20Oj2eQDhhpt-xKEchI6q72kncMlHfzKJzlMYTvIweV7zGraWj1vAJ4y7URfaYErCu5j2iFaosoR-_soeucovHg9cZlM0SGVYTjSBcgYoJQZVTMuEX2VkVJz3Rb5zpzGkYIBRcrZfRPE8BAOyKaStlgDCLOY5lO0NcwIOKrXU-m8Z6G0LMK-TYhD2hNmhuZEINWneM7PK1KgSmulgHI2VbSbyTG9G_D2rQSqIAkD06iZ4KbL21nl5ja1M9Lt7lvVbGvL3hcN0G-BIejMIRv7tDLwP1QSWcsGNw_S83IqUYQ
Decode the Payload:
You can decode the payload using the following the base64 command (assuming you have the payload string):
echo "eyJleHQiOiJ7XCJyZXZvY2FibGVcIjpcInRydWVcIn0iLCJzdWIiOiJqZmFjQDAxaGZxMjZyMmRyank5MWYwdjY2dDgxMTcxXC91c2Vyc1wvYWRtaW4iLCJzY3AiOiJhcHBsaWVkLXBlcm1pc3Npb25zXC91c2VyIiwiYXVkIjoiKkAqIiwiaXNzIjoiamZmZUAwMDAiLCJleHAiOjE3MzIwNTcxNTEsImlhdCI6MTcwMDUyMTE1MSwianRpIjoiYjEyOWVkYTktZmEzNC00ZjZhLWIxNjktOWIwNzk0ZmJkMGY0In0" | base64 -d
This will output a JSON object that includes various claims, including the exp (expiration) value.
Finding the Expiration Date
Once you have the decoded payload, locate the exp field, which indicates the expiration time in Unix epoch format.
For example:
"exp": 1732057151
Converting the Expiration Time
To convert the Unix epoch timestamp to a human-readable date, you can use an online epoch converter, such as Epoch Converter.
Alternatively, use the following command in your terminal:
date -r <epoch_time>
Replace <epoch_time> with the expiration time you obtained.
Example:
date -r 1732057151
Output:
Tue Nov 19 14:59:11 PST 2024
Conclusion
By following these steps, you can effectively verify the expiration date of a JWT that is failing verification due to being expired. If you continue to face issues, consider refreshing your token based on your application's authentication strategy.