0 Replies Latest reply on Jun 19, 2020 4:13 AM by Deblina_HPE

    Clock Tolerance -Single Sign-On Token Policy

    Deblina_HPE Lurker

      Hi,

      We have few doubts on Clock Tolerance  in Vmware SSO as below

       

      1.From our application we are calling SSO "Issue token" API and we are getting a bearer token; without any lifetime parameter input.

      2.we try to validate the token using "validate" API in a guest vm

      3.the clock tolerance of the setup is 10 minutes

       

      Observation:

      the token is valid when guest vm is faster than VCSA within 10 mins range

      VCSA-3 p.m. IST and Guest Vm is 3.08 pm IST

       

      the token is invalid when guest vm is slower than VCSA within 10 mins range

      VCSA-3.08 p.m. IST and Guest Vm is 3.00 pm IST

       

      How does clock tolerance works in this scenario?