04-13-2022 10:28 AM
I’m using the DuoUniversal C# SDK. Everything works fine most of the time. But intermittently, the call to Client.ExchangeAuthorizationCodeFor2faResult() throws an error because the call to the /oauth/v1/token API has returned a 400 Bad Request response code. My computer clock is accurate. What might cause it to intermittently fail like this?
Solved! Go to Solution.
04-19-2022 09:16 AM
Update: was a bug in the C# client library. Apparently there will be a fixed version 1.1.1 available shortly!
04-14-2022 08:59 AM
Some more info. I ran the client library in source (from Github) and found the HTTP 400 error response from the API has the following body:
{“error”: “invalid_client”, “error_description”: “Invalid Client assertion: Token used before nbf.”}
But as I said, my computer clock on my web server is accurate.
It looks like the client library generates a JWT to pass to the API with a nbf field set to exactly the current time on the web server. Which would mean that if the web server’s time is even a second ahead of the Duo API server’s time, the Duo API would reject the call… that can’t be right, can it?
04-19-2022 09:16 AM
Update: was a bug in the C# client library. Apparently there will be a fixed version 1.1.1 available shortly!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide