How to handle CredentialsExpiredException in my Spring boot connect App

Hi Experts,

I am using the spring boot connect app and if JWT token is expired then I am getting below exception and the default API response is below.


20-07-09 14:53:23.475   [ERROR] --- [http-nio-8080-exec-1] com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationProvider:172 - JWT expired at Thu Jul 09 13:24:29 IST 2020 and time is now Thu Jul 09 14:53:23 IST 2020 (30 seconds leeway is allowed)
2020-07-09 14:53:23.478   [WARN ] --- [http-nio-8080-exec-1] com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationFilter:72 - Failed to authenticate request JWT expired at Thu Jul 09 13:24:29 IST 2020 and time is now Thu Jul 09 14:53:23 IST 2020 (30 seconds leeway is allowed)
        at com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationProvider.verifyToken( ~[atlassian-connect-spring-boot-core-2.0.6.jar:?]
        at com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationProvider.authenticate( ~[atlassian-connect-spring-boot-core-2.0.6.jar:?]
        at ~[spring-security-core-5.2.2.RELEASE.jar:5.2.2.RELEASE]
        at ~[spring-security-core-5.2.2.RELEASE.jar:5.2.2.RELEASE]
        at$AuthenticationManagerDelegator.authenticate( ~[spring-security-config-5.2.2.RELEASE.jar:5.2.2.RELEASE]
        at com.atlassian.connect.spring.internal.auth.jwt.JwtAuthenticationFilter.doFilterInternal( [atlassian-connect-spring-boot-core-2.0.6.jar:?]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter( [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
    "status": 401,
    "error": "None",
    "message": "No message available",
    "timeStamp": "Thu Jul 09 14:53:23 IST 2020"

How to handle this CredentialsExpiredException exception in my code?
I used ResponseEntityExceptionHandler but it is not working.

@dchouksey89, that exception is thrown by the JWT authentication middleware when handling an incoming request with an expired JWT token. You cannot handle it in your application code beyond disabling JWT authentication.

There may be different reasons for you receiving an expired JWT token. Sometimes customers’ browsers can attempt to reload iframes with stale URLs. It could also be due to clock skew on your system.

1 Like

Hi @epehrson,

Is there any way to handle this exception and send customize error message?

    "status": 401,
    "error": "None",
    "message": "JWT token has expired",
    "timeStamp": "Thu Jul 09 14:53:23 IST 2020"

@dchouksey89, I had a quick look at this, and I think there are multiple ways to accomplish it. I’m sure atlassian-connect-spring-boot could be improved to make this kind of customization easier and enable a more elegant solution, but here is one that seems to work.

server.error.path: /my-error
public class MyErrorController extends AbstractErrorController {

    private static final String PATH = "/my-error";

    public MyErrorController(ErrorAttributes errorAttributes) {

    public String getErrorPath() {
        return PATH;

    @RequestMapping(value = PATH)
    public String error(HttpServletRequest request, HttpServletResponse response) {
        Exception authenticationException = (Exception) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        return authenticationException.getMessage();

Hi @epehrson

Ohh nice thanks for the sample code.:grinning: