Jwt error in opensearch

hi, we are using saml with okta, and after an hour we are getting this error on the servers.
opensearch dashboard is getting 500
com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException: The token has expired

@taltsafrir Could you share your current config.yml?

@taltsafrir I’ve tested your config with the latest OS 2.4.1 and I get the same issue.
The settings from opensearch_dashboards.yml posted in the first comment are valid only for basicauth and LDAP authentication domains.

As you’ve already noticed, this issue has been already reported to the dev team.