I am using Keycloak in my client application for authentication and authorization purposes. I configured the Keycloak tokens under Realm Settings as below:
SSO Session Idle - 8 - Hours
SSO Session Max - 10 - Hours
Access Token Lifespan - 5 - Minutes
Access Token Lifespan For Implicit Flow - 15 - Minutes
Client Session Idle - 0 Minutes
Client Session Max - 0 Minutes
Since the lifespan of the access token is 5 minutes, my assumption is that the token I am using in the client app should be valid for 5 minutes, but the token is expiring even before these 5 minutes are up (exactly after 4 minutes 15 seconds).
When I try to access any of the backend APIs, the validation fails with the error below:
WWW-Authenticate: Bearer error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: Jwt expired at 2023-06-01T13:09:09Z", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"
Why are the tokens becoming invalid even before the expiry duration, and how do I resolve this?
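
An added diagnostic example, not part of the original post: the API rejects the token by comparing its `exp` claim with the API host's own clock, so decoding `iat` and `exp` and comparing them with local time separates the lifespan Keycloak actually issued from the time the checking host believes is left. The sample token and the 45-second clock offset are constructed for illustration (the post does not state a cause); `lifetime_report` and `make_sample_token` are hypothetical helper names.

```python
import base64
import json
from datetime import datetime, timezone


def decode_claims(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def lifetime_report(token: str, local_now: float) -> dict:
    """Compare the issuer's iat/exp with the clock of the host running this check."""
    claims = decode_claims(token)
    iat, exp = claims["iat"], claims["exp"]
    return {
        "issued_lifespan_s": exp - iat,               # what the issuer granted
        "age_by_local_clock_s": local_now - iat,      # > 0 for a brand-new token: offset or caching
        "remaining_by_local_clock_s": exp - local_now,
        "expired_locally": local_now >= exp,
    }


def make_sample_token(iat: int, lifespan_s: int) -> str:
    """Build a constructed, unsigned sample token for the demonstration below."""
    def b64url(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    header = b64url({"alg": "RS256", "typ": "JWT"})
    payload = b64url({"iat": iat, "exp": iat + lifespan_s})
    return f"{header}.{payload}.constructed-signature"


if __name__ == "__main__":
    # exp taken from the error message in the post; iat assumes the 5-minute lifespan.
    exp = int(datetime(2023, 6, 1, 13, 9, 9, tzinfo=timezone.utc).timestamp())
    token = make_sample_token(iat=exp - 300, lifespan_s=300)
    # Constructed scenario: the checking host's clock reads 45 s past iat on receipt.
    for key, value in lifetime_report(token, local_now=exp - 300 + 45).items():
        print(f"{key}: {value}")
```

Run it against a real access token with `local_now=time.time()` on both the client and the API host immediately after the token is issued; a non-zero age at that moment shows how much of the 300 seconds is already gone from that host's point of view.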