I’ve spent hours trying to figure out why the jwt verification fails in my react app when using the implicit grant flow. the token is generated via the platform sdk, but my custom validation logic rejects it immediately.
const verify = (token) => {
const payload = jwt.decode(token);
if (payload.exp < Date.now() / 1000) throw new Error('expired');
};
the error is jwt expired despite the token being fresh. is there a specific claim i need to check for implicit grants versus client credentials?