No examples on how to set expiry of token

[neogeno]

If I set a standard claim "exp" in my JWE token with expiry date in the past it doesn't seem to make any difference. Other libraries will throw an error saying the token has expired? What is the correct usage in this library to specify token expiry?

[rohe]

I'm not sure I get the question.
Creating a JWE token with an "exp" claim that is in the past is possible to do.
The "exp" claim is only verified when the payload is verified. So it's not part of verifying a signature or doing a decryption.

[neogeno]

I mean when I decrypt the token and verify the signature of such a JWE there is no error saying the token has expired. I am still able to view the payload as normal. So do you mean I have to manually check the value of the exp claim to see if the token has expired or not? Pyjwt for example will raise an error when decoding/verifying such tokens if the JWT is expired .

[aksh-gupta]

@neogeno Were you able to set exp in JWE or you implemented the expiration of token manually?

[neogeno]

Had to write a seperate check