diff --git a/api_proxy.go b/api_proxy.go
index 093f227..3e79c1c 100644
--- a/api_proxy.go
+++ b/api_proxy.go
@@ -25,7 +25,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 type ProxyClientMessage struct {
@@ -127,7 +127,7 @@ func (r *ProxyServerMessage) CloseAfterSend(session Session) bool {
 // Type "hello"
 
 type TokenClaims struct {
-	jwt.StandardClaims
+	jwt.RegisteredClaims
 }
 
 type HelloProxyClientMessage struct {
diff --git a/go.mod b/go.mod
index 41c1b65..21e0cf4 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.17
 
 require (
 	github.com/dlintw/goconf v0.0.0-20120228082610-dcc070983490
-	github.com/golang-jwt/jwt v3.2.2+incompatible
+	github.com/golang-jwt/jwt/v4 v4.4.2
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/mux v1.8.0
 	github.com/gorilla/securecookie v1.1.1
diff --git a/go.sum b/go.sum
index 9975b43..ca66882 100644
--- a/go.sum
+++ b/go.sum
@@ -130,8 +130,8 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs=
+github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
diff --git a/mcu_proxy.go b/mcu_proxy.go
index f109f60..befac70 100644
--- a/mcu_proxy.go
+++ b/mcu_proxy.go
@@ -41,7 +41,7 @@ import (
 	"time"
 
 	"github.com/dlintw/goconf"
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/gorilla/websocket"
 
 	clientv3 "go.etcd.io/etcd/client/v3"
@@ -951,8 +951,8 @@ func (c *mcuProxyConnection) sendHello() error {
 		msg.Hello.ResumeId = c.sessionId
 	} else {
 		claims := &TokenClaims{
-			jwt.StandardClaims{
-				IssuedAt: time.Now().Unix(),
+			jwt.RegisteredClaims{
+				IssuedAt: jwt.NewNumericDate(time.Now()),
 				Issuer:   c.proxy.tokenId,
 			},
 		}
diff --git a/proxy/proxy_server.go b/proxy/proxy_server.go
index 72a2feb..d5de159 100644
--- a/proxy/proxy_server.go
+++ b/proxy/proxy_server.go
@@ -39,7 +39,7 @@ import (
 	"time"
 
 	"github.com/dlintw/goconf"
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/google/uuid"
 	"github.com/gorilla/mux"
 	"github.com/gorilla/securecookie"
@@ -890,7 +890,7 @@ func (s *ProxyServer) NewSession(hello *signaling.HelloProxyClientMessage) (*Pro
 	}
 
 	minIssuedAt := time.Now().Add(-maxTokenAge)
-	if issuedAt := time.Unix(claims.IssuedAt, 0); issuedAt.Before(minIssuedAt) {
+	if issuedAt := claims.IssuedAt; issuedAt != nil && issuedAt.Before(minIssuedAt) {
 		statsTokenErrorsTotal.WithLabelValues("expired").Inc()
 		return nil, TokenExpired
 	}
diff --git a/proxy/proxy_server_test.go b/proxy/proxy_server_test.go
index 70a128f..69c4acc 100644
--- a/proxy/proxy_server_test.go
+++ b/proxy/proxy_server_test.go
@@ -31,7 +31,7 @@ import (
 	"time"
 
 	"github.com/dlintw/goconf"
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v4"
 	"github.com/gorilla/mux"
 	signaling "github.com/strukturag/nextcloud-spreed-signaling"
 )
@@ -96,8 +96,8 @@ func TestTokenInFuture(t *testing.T) {
 	server, key := newProxyServerForTest(t)
 
 	claims := &signaling.TokenClaims{
-		StandardClaims: jwt.StandardClaims{
-			IssuedAt: time.Now().Add(time.Hour).Unix(),
+		RegisteredClaims: jwt.RegisteredClaims{
+			IssuedAt: jwt.NewNumericDate(time.Now().Add(time.Hour)),
 			Issuer:   TokenIdForTest,
 		},
 	}
diff --git a/proxy/proxy_tokens_etcd.go b/proxy/proxy_tokens_etcd.go
index 2779bf1..cbee803 100644
--- a/proxy/proxy_tokens_etcd.go
+++ b/proxy/proxy_tokens_etcd.go
@@ -31,7 +31,7 @@ import (
 	"time"
 
 	"github.com/dlintw/goconf"
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v4"
 
 	signaling "github.com/strukturag/nextcloud-spreed-signaling"
 )
diff --git a/proxy/proxy_tokens_static.go b/proxy/proxy_tokens_static.go
index 8ee7fb8..a7179d4 100644
--- a/proxy/proxy_tokens_static.go
+++ b/proxy/proxy_tokens_static.go
@@ -29,7 +29,7 @@ import (
 	"sync/atomic"
 
 	"github.com/dlintw/goconf"
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v4"
 )
 
 type tokensStatic struct {