https://xsts-keys.auth.xboxlive.com/psskeys is returning expired signing keys

Jingchen Wu 0 Reputation points
2024-11-18T16:44:46.56+00:00

Hello!

We've noticed that https://xsts-keys.auth.xboxlive.com/psskeys sometimes returns expired keys and we're currently unable to verify some tokens because they're signed by some other keys we're unable to retrieve.

e.g. I've just sent a request to this API and the first key I've got is:

{
      "nbf": 1731802803,
      "exp": 1731946803,
      "tie": 1731889203,
      "iat": 1731795606,
      "n": "...",
      "e": "AQAB",
      "alg": "PS256",
      "kid": "031beff8-e3da-435b-b522-d772b3592666",
      "kty": "RSA",
      "use": "sig"
    },
		

the exp field says that the key expires at Mon Nov 18 2024 16:20:03 GMT+0000 and I sent the request at 16:40 18th November GMT.

This API worked perfectly until Wednesday last week, and we started seeing this issue since then.

Microsoft Partner Center
Microsoft Partner Center
A Microsoft website for partners that provides access to product support, a partner community, and other partner services.
1,028 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.