Receiving "Client authentication with client secret signed JWT failed: Token reuse detected" when trying to get access token with client_Assertion

I am using “signed jwt with Client secret” client authentication. After generating the JWT token, while passing the JWT token against client_assertion for token endpoint, it returns the error “Client authentication with client secret signed JWT failed: Token reuse detected” , though it is the first attempt to retrieve access token.

Stack trace snippet :
        KC-SERVICES0025: Error when validating client assertion: java.lang.RuntimeException: Token reuse detected
at org.keycloak.keycloak-services@14.0.0//org.keycloak.authentication.authenticators.client.JWTClientSecretAuthenticator.authenticateClient(

Using :15.0.2 docker image. 

Please  suggest what is missing.


Same here, also with 15.0.2.
Sample token payload used as ‘client_assertion’:
“sub”: “rest_api”,
“iss”: “rest_api”,
“aud”: “https://<…>”,
“exp”: 1640100249,
“jti”: “1640098496163”
The jti is newly generated on each request and has never been used before.
Any hint would be welcome

In Keycloak 16.1.0 and 18.0.0 had the same problem using the next jwt:

“alg”: “HS512”

“sub”: “{realm}”,
“aud”: “https://{server:port}/auth/realms/{realm}”,
“nbf”: 1651814483,
“iss”: “{realm}”,
“exp”: 1651922482,
“iat”: 1651814482,
“jti”: “{uuid}”

The problem was that the certificate field in the keys tab had value, you only need to enable Use JWKS URL or Use JWKS and works for me. For example: