+ Start a Discussion
Shraddha NayakShraddha Nayak 

Able to authenticate using JWT token for expired X509 certificate

I am using JWT token based authentication to Salesforce for authentication for my platform user. I have uploaded a self signed X509 certificate as digital signature for the connected app. My certificate has been expired as per the date shown in details on digital signature i.e. it has been expired on 5th April, 2018. But I am still able to authenticate users with the same certificate using the JWT token based authentication flow. How this is happening? Should the authentication request be failed? Does salesforce ignore the expiry date of certificate for JWT token based authentication? Please help
Raghu RamanujamRaghu Ramanujam
Hi,

Did you get any answers to this ?
Have the same query..
Thanks,
Raghu
Dragan VujnovicDragan Vujnovic

Seems like not enforced - the full answer is here:
https://salesforce.stackexchange.com/questions/313488/do-expired-certificates-for-salesforce-connected-applications-block-connections

KR,
Dragan
Maven Mule (https://www.mavenmule.com)