failing in verifyIdToken() with kid

[jun]

Sometimes firebase verifyIdToken() response error are like below. I'm using firebase admin SDK with node.js.

(bearer authorize deny:Firebase ID token has \"kid\" claim which does not correspond to a known public key. Most likely the ID token is expired, so get a fresh token from your client app and try again. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.)

so, I decode token with JWT and find kid which start with '0096ad...' that included in google public keys.

What wrong with this token?

[Kato Richardson]

Hi Jun,

The likely answer is that it you are sending a client token to the server and storing it there, and it has expired before being used. Tokens expire after about 30m and need to be refreshed. So if you're sending the token from a client and it's close to that deadline, you'll want to refresh it and send to the server again. There are some API methods like addTokenIdListener to help you detect changes on the client and you can pass a boolean to getIdToken to force a refresh if you know it's close to the 30m mark. 

☼, Kato

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/6b6f4968-dfe6-4d4f-96de-93f3091e3df8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Kato Richardson |

Developer Programs Eng |

kato...@google.com |

775-235-8398