<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00007rG5bFCASOkta Classic EngineAuthenticationAnswered2026-01-06T09:00:47.000Z2022-07-29T17:28:30.000Z2022-08-10T07:44:59.000Z

ruhaq (ruhaq) asked a question.

July 29, 2022 at 5:28 PM
The client_assertion token has already been used

We are generating client_assertion token and passing it to oauth2/v1/token endpoint.

We are getting access_token.

 

When we try again to hit oauth2/v1/token again after few seconds with different client_assertion token it fails with below error.

 

{

    "error": "invalid_client",

    "error_description": "The client_assertion token has already been used."

}

 

When we try after 1/2 mins it works and start failing again for few mins.

  • 3 answers
  • 709 views

  • ErikM.26381 (Developer Support)

    Hello,

     

    If this is the behavior you are seeing please open a support case so we can get your Org details and research our backend logs.

  • RobertT.93075 (Customer)

    I resolved this same problem by not re-using the same "jti" field value in the JWT I was creating to send to the oauth2/v1/token endpoint.

  • ruhaq (ruhaq)

    Thank you, Robert. It worked for me as well. Okta should take note of this and update their documentation accordingly.😀

This question is closed.
Loading
The client_assertion token has already been used