diff --git a/src/services/tokens.ts b/src/services/tokens.ts
index 8e151b5b..ef541d4c 100644
--- a/src/services/tokens.ts
+++ b/src/services/tokens.ts
@@ -21,7 +21,7 @@ export function generateTokens(
   userPoolId: string
 ) {
   const eventId = uuid.v4();
-  const authTime = new Date().getTime();
+  const authTime = Math.floor(new Date().getTime() / 1000);
 
   return {
     AccessToken: jwt.sign(
diff --git a/src/targets/initiateAuth.test.ts b/src/targets/initiateAuth.test.ts
index a6218ed5..30199bca 100644
--- a/src/targets/initiateAuth.test.ts
+++ b/src/targets/initiateAuth.test.ts
@@ -379,7 +379,7 @@ describe("InitiateAuth target", () => {
               username: "0000-0000",
               event_id: expect.stringMatching(UUID),
               scope: "aws.cognito.signin.user.admin", // TODO: scopes
-              auth_time: now.getTime(),
+              auth_time: Math.floor(now.getTime() / 1000),
               jti: expect.stringMatching(UUID),
             });
             expect(
@@ -405,7 +405,7 @@ describe("InitiateAuth target", () => {
               "cognito:username": "0000-0000",
               email_verified: true,
               event_id: expect.stringMatching(UUID),
-              auth_time: now.getTime(),
+              auth_time: Math.floor(now.getTime() / 1000),
               email: "example@example.com",
             });
             expect(
@@ -461,7 +461,7 @@ describe("InitiateAuth target", () => {
             username: "0000-0000",
             event_id: expect.stringMatching(UUID),
             scope: "aws.cognito.signin.user.admin", // TODO: scopes
-            auth_time: now.getTime(),
+            auth_time: Math.floor(now.getTime() / 1000),
             jti: expect.stringMatching(UUID),
           });
           expect(
@@ -483,7 +483,7 @@ describe("InitiateAuth target", () => {
             "cognito:username": "0000-0000",
             email_verified: true,
             event_id: expect.stringMatching(UUID),
-            auth_time: now.getTime(),
+            auth_time: Math.floor(now.getTime() / 1000),
             email: "example@example.com",
           });
           expect(
diff --git a/src/targets/respondToAuthChallenge.test.ts b/src/targets/respondToAuthChallenge.test.ts
index f85ed2cf..d1d6acbe 100644
--- a/src/targets/respondToAuthChallenge.test.ts
+++ b/src/targets/respondToAuthChallenge.test.ts
@@ -98,7 +98,7 @@ describe("RespondToAuthChallenge target", () => {
         username: "0000-0000",
         event_id: expect.stringMatching(UUID),
         scope: "aws.cognito.signin.user.admin", // TODO: scopes
-        auth_time: now.getTime(),
+        auth_time: Math.floor(now.getTime() / 1000),
         jti: expect.stringMatching(UUID),
       });
       expect(
@@ -118,7 +118,7 @@ describe("RespondToAuthChallenge target", () => {
         "cognito:username": "0000-0000",
         email_verified: true,
         event_id: expect.stringMatching(UUID),
-        auth_time: now.getTime(),
+        auth_time: Math.floor(now.getTime() / 1000),
         email: "example@example.com",
       });
       expect(