<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta Verify Logs Showing the Error "Authorization Error: ID Token expired"
Oct 6, 2025
Multi-Factor Authentication
Okta Identity Engine
Overview

This article offers a solution for the situations in which:

  • An end user cannot enroll in Okta FastPass (Okta Verify app on Desktop) even after uninstalling/reinstalling the Okta Verify App.
  • End users are experiencing a FastPass looping issue.
  • An end user sees the error Something went wrong... repeatedly with FastPass (Okta Verify app on Desktop).
  • Enrollment of Okta Verify for Windows is successful, but they are unable to authenticate due to the error:

 Authentication of user via MFA results in FAILURE with Reason: INVALID CREDENTIALS.

 

To troubleshoot those issues: 

  1. Check if the Okta System Log shows: 

Reason:INVALID_CREDENTIALS
Result:FAILURE
Factor:SIGNED_NONCE

  1. Collect Okta Verify Logs from Desktop (macOS / Windows) and check if Okta Verify Logs contain these errors:

[OktaWebRequest.SendMessageAsync]: Call to https://[domain].okta.com/api/v1/authenticators?key=okta_verify&expand=methods failed with Unauthorized. Request ID: <requestid>

or

 {🛑 "OIDC Auth": {"message": "Oidc auth error occurred, Error: api(message: "Authorization Error: ID Token expired", underlyingError: Optional(Error Domain=org.openid.appauth.general Code=-15 "ID Token expired" UserInfo={NSLocalizedDescription=ID Token expired})) Description: Authorization Error: ID Token expired"


 

Applies To
  • Multi-Factor Authentication (MFA)
  • Okta Identity Engine (OIE)
  • Okta Verify/FastPass
Cause
  • The time in BIOS is not set to automatic sync.
  • Clock Skew Interval.
Solution

Please ensure the end user's device has the clock set to automatic sync. Changing the time in the BIOS to the correct time should work.

For Windows users:

  1. Open the Start menu and click Settings.
  2. Click Time & Language on the Settings dialog box.
  3. Scroll down to the Related Settings section and click Additional date, time & regional settings.
  4. The Clock and Region screen in the Control Panel displays.
  5. Click Date and Time.
  6. Click the Internet Time tab on the Date and Time dialog box.
  7. Click Change settings.
  8. On the Internet Time Settings dialog box, check the Synchronize with an Internet Time server box.
  9. Select a Server from the drop-down list.
  10. If the server is not listed, type the name of an Internet time server. The time servers can be found on Microsoft’s site.
  11. Click Update now.

Date and time

 Internet settings                        

                                           

For macOS Users:

  1. On the Mac, choose Apple menu > System Settings, click on  General in the sidebar, then click Date & Time on the right (scroll down if needed).
  2. Turn on Set time and date automatically, click Set, then enter a network time server for the region.
  3. Turn on Set time zone automatically using current location.

              Date and time 

Recommended content

Still looking for help?
Loading
Okta Verify Logs Showing the Error "Authorization Error: ID Token expired"