Hi –
I recently came across an issue where a user had an incorrect time zone on their machine. Their client and server time did not match and therefore the current time was always past the expiry time of the token.
However, even when I look into okta-auth-js code it seems as if the client time is being used here as well: okta-auth-js/validateClaims.ts at 1263546ef236f95420025bc2e25ac1b11378d120 · okta/okta-auth-js · GitHub
Is there any way to circumvent this and ensure the user is using the correct time?