TeamsFixer
de en
AADSTS500133 Severity: Medium

Token timestamp not within valid range

Your device clock is too far off from Microsoft. Auth tokens have tight time tolerances, so a wrong system clock causes immediate rejection.

Last verified:

Affected systems

windows macos ios android

Symptoms

  • AADSTS500133 with 'assertion is not within its valid time range'
  • Often appears after traveling between time zones
  • Other Microsoft apps show the same

Possible causes

  • System time off by more than 5 minutes from real UTC
  • Wrong time zone
  • Automatic time sync disabled
  • BIOS/CMOS battery dead (old hardware)

Solutions

1.Enable automatic time sync

Windows

  1. Settings → Time and Language → Date and Time

  2. Enable 'Set time automatically' and 'Set time zone automatically'

  3. Click 'Sync now'

macOS

  1. System Settings → General → Date and Time

  2. Enable 'Set date and time automatically'

  3. Set time zone to 'Automatic'

iOS

  1. Settings → General → Date & Time

  2. Enable 'Set Automatically'

Android

  1. Settings → System → Date and time

  2. Enable 'Automatic date and time'

2.Check BIOS time

Windows

  1. Boot into BIOS (typically F2, F12, or Del).

  2. Check current time - if far off, BIOS battery may be dead.

  3. Correct BIOS time, save, boot.

  4. If drift recurs: vendor service for battery replacement.

Background

Microsoft Entra tokens contain nbf (not-before) and exp (expiration) timestamps. If your local clock is outside this window, the server rejects the token immediately. Tolerance is typically 5 minutes in either direction.