While validating claim obtained from the azure b2c token using PKCE flow, the nbf claim is actually greater than the current time(the server time) . I am getting b2c token after validation from custom policy and the b2c token is being validated on the api server running on the azure container app. The following java code is being used to validate the nbf claim:-
private boolean isTokenMature(DecodedJWT jwt) {
Long nbf = jwt.getClaim("nbf").asLong();
Long now = System.currentTimeMillis() / 1_000;
return nbf < now;
}
Could you please explain why the token is failing to validate? Is this the difference between the api server timezone(TZ) and the b2c server TZ and if so, how to find the b2c server's TZ (although the b2c token uses epoch time which is irrespective of the TZ and epoch time calculated in US would be same as that in Japan at any given instant)?