Token validation checks ensure that while validating tokens, all aspects are analyzed and verified. Turning off validation can lead to security holes by allowing untrusted tokens to make it through validation.

Set Microsoft.IdentityModel.Tokens.TokenValidationParameters properties RequireExpirationTime, ValidateAudience, ValidateIssuer, or ValidateLifetime to true. Or, remove the assignment to false because the default value is true.

This example disabled the validation.

To fix it, do not disable the validations or use the default value.

azure-activedirectory-identitymodel-extensions-for-dotnet ValidatingTokens wiki