Facing Error: Duplicate token found with @web3auth/single-factor-auth sdk

When asking for help in this category, please make sure to provide the following details:

  • SDK Version:^8.1.1
  • Platform: Web
  • Browser Console Screenshots:
  • If the issue is related to Custom Authentication, please include the following information (optional):
    • Verifier Name: staging-axr-wallet
    • JWKS Endpoint: https://api-staging.axirwallet.com/.well-known/jwks.json
    • Sample idToken (JWT): eyJ0eXAiOiJqd3QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjhWclhWcVRRbG1uX084X3g5Y2d4NVY0RElsNmR3TXlqYVA1REN4Q2JOcnMifQ.eyJzdWIiOiI2NTYiLCJuYW1lIjoiYWJoaXNoZWtzYWd1KzEwNiIsImVtYWlsIjoiYWJoaXNoZWtzYWd1KzEwNkBnbWFpbC5jb20iLCJwaG9uZU51bWJlciI6Iis5MTk5NzE1MTI5MzkiLCJleHAiOjE3MzE1NjQ1NTMsImlhdCI6MTczMTQ3ODE1MywiaXNzIjoiaHR0cHM6Ly9hcGktc3RhZ2luZy5heGlyd2FsbGV0LmNvbSIsImF1ZCI6ImF4ci13YWxsZXQifQ.i4dOhTuJGe4DXC_6YX09oZ7XB6yj2PXLqqrpQLKpIKWWWoeSnE6Zv6384SvdG-OzoAgy_GHz1yQ4Xs4Wsm75ZKYGGzmqrwVRuK-J8WkuzVyOEzJ4VipVSfNW5XHSSxGNBKu-qE4Vgv0zS2EQBxcP0-XAVlMEdCr-VFNvP_v_XuYWrhX82C7o3rLHuCXEayyx6f2azT8P_g7E4efxqcg3k3Y59poyOZVod0hSrO0FDFeoANLmMXWUmKqPANOTMbIBVKtAEysVeWA_-QwFGjg7GbUSF4lPDg_tV50xKHmICACk4mVpqPNk12774t8m5yuBXwvRp56-yzrUNh5wLzG17g

web3Auth is initialized like this

const chainConfig = {
chainId: “0x1”,
displayName: “Ethereum Mainnet”,
chainNamespace: CHAIN_NAMESPACES.EIP155,
tickerName: “Ethereum”,
ticker: “ETH”,
decimals: 18,
rpcTarget: “https://rpc.ankr.com/eth”,
blockExplorerUrl: “https://etherscan.io”,
};

    const privateKeyProvider = new EthereumPrivateKeyProvider({
      config: { chainConfig },
    });

    const web3authSfa = new Web3Auth({
      clientId,
      web3AuthNetwork: WEB3AUTH_NETWORK.SAPPHIRE_DEVNET,
      usePnPKey: false,
      privateKeyProvider,
    });

    await web3authSfa.init();

web3AuthSfa is used like this

try {
if (!web3authSfa) {
console.log(“Web3Auth Single Factor Auth SDK not initialized yet”);
return;
}

    const isConnected = await web3authSfa.status;
    let telegramGeneratedPrivateKey;

    if (isConnected.toLowerCase() === 'connected') {
      telegramGeneratedPrivateKey = await web3authSfa.torusPrivKey;
    } else {

     

      await web3authSfa.connect({
        loginMethod:'jwt',
        verifier,
        verifierId: verifierId,
        idToken: authToken,
      });

      console.log("**@ web3AuthSfa connected ");

      telegramGeneratedPrivateKey = await web3authSfa.torusPrivKey;

    }

NOTE:- I have checked that i am passing different JWT each time but still facing this error , i checked that the jwt itself has changed and the decoded iat and exp timestamp also changed , so how can i fix this issue.

Hi Abhishek! Thanks for reaching out with your issue. I understand you’re encountering a “Duplicate token found” error while using the @web3auth/single-factor-auth SDK.

Here’s a summary of the information you’ve provided, which will help our support team to assist you more effectively:

Issue Summary:

  • SDK Details: @web3auth/single-factor-auth
  • SDK Version: ^8.1.1
  • Platform: Web
  • Error Encountered: Duplicate token found
  • Verifier Name: staging-axr-wallet
  • JWKS Endpoint: Link
  • Sample idToken (JWT): Provided

Initialization Code Snippet:

const chainConfig = {
    chainId: "0x1",
    displayName: "Ethereum Mainnet",
    chainNamespace: CHAIN_NAMESPACES.EIP155,
    tickerName: "Ethereum",
    ticker: "ETH",
    decimals: 18,
    rpcTarget: "https://rpc.ankr.com/eth",
    blockExplorerUrl: "https://etherscan.io",
};

const privateKeyProvider = new EthereumPrivateKeyProvider({
    config: { chainConfig },
});

const web3authSfa = new Web3Auth({
    clientId,
    web3AuthNetwork: WEB3AUTH_NETWORK.SAPPHIRE_DEVNET,
    usePnPKey: false,
    privateKeyProvider,
});

await web3authSfa.init();

Usage Code Snippet:

try {
    if (!web3authSfa) {
      console.log("Web3Auth Single Factor Auth SDK not initialized yet");
      return;
    }

    const isConnected = await web3authSfa.status;
    let telegramGeneratedPrivateKey;

    if (isConnected.toLowerCase() === 'connected') {
      telegramGeneratedPrivateKey = await web3authSfa.torusPrivKey;
    } else {
      await web3authSfa.connect({
        loginMethod:'jwt',
        verifier,
        verifierId: verifierId,
        idToken: authToken,
      });
      console.log("**@ web3AuthSfa connected ");
      telegramGeneratedPrivateKey = await web3authSfa.torusPrivKey;
    }

Notes:

  • You mentioned checking that you’re passing different JWTs each time, but you’re still receiving the error. It may be worth confirming if the verifierId is unique for each request as well, as reusing that might lead to issues.

For the next steps, I recommend checking your console for any additional error messages or logs that might help further diagnose the issue. If possible, please provide screenshots of the browser console during the error occurrence, as this could provide more context.

We’ll ensure that your request is sent to our support team for further investigation. If you have any other questions or need further assistance, feel free to ask!

Note: This response was generated by an AI bot and may require further verification. The Web3Auth support team has tracked this issue and will be responding as soon as possible.

hi @shahbaz , could you please help me with this ? Thanks

hi @shahbaz , could you please help me with this? How do i fix this issue ?

hi @shahbaz , any updates here ?

Hey @abhishek.sagu

Are you calling the login function twice?

We don’t have loginMethod in SFA. Please take a reference from here: Usage of Single Factor Auth JS SDK | Documentation | Web3Auth

We even have a telegram example, from where you can take reference:

No @shahbaz i am not calling the login function twice. I just call the login function once and it gives me the duplicate token error

I want to create a private key with only 1 required share , will this no modal sdk work ? I am currently trying to use @web3auth/single-factor-auth with which i am facing this duplicate token error .

hi @shahbaz , how can i fix this issue. I am only calling the method once and that too with the new token.

Okay, and how are you generating the token?

hi @shahbaz , here is how i am generating the token

async getIdToken(newUser, showOnlyVerified = false) {
const ks = fs.readFileSync(‘keys_rsa.json’);

const keyStore = await jose.JWK.asKeyStore(ks.toString());
const [key] = keyStore.all({ use: 'sig' });

const opt = {
    compact: true,
    jwk: key,
    fields: { typ: 'jwt' }
};

const tokenPayload = {
    sub: `${newUser.id}`, // must be unique to each user
    name: newUser.username,
    email: showOnlyVerified ? newUser.getEmailVerified() : newUser.email,
    phoneNumber: showOnlyVerified ? newUser.getPhoneVerified() : newUser.phone_number,
    exp: Math.floor(Date.now() / 1000) + 86400, // expires in 1 day
    iat: Math.floor(Date.now() / 1000),
    iss: process.env.WEB3AUTH_ISS,
    aud: 'axr-wallet',
};

const payload = JSON.stringify(tokenPayload);

return await jose.JWS.createSign(opt, key).update(payload).final();

}

hi @shahbaz , @Ayush , i tried by increasing the exp timestamp too but its still giving me the same duplicate token error. How can i fix this ?

hi @shahbaz , any updates here ? Is there any way to fix it ?

Hey @abhishek.sagu, we’ll have a look today. I’ll update you asap

Hey @abhishek.sagu

And how are you allowing the users to authenticate?