diff --git a/core/src/main/java/org/keycloak/TokenVerifier.java b/core/src/main/java/org/keycloak/TokenVerifier.java
index 0b2047bcfa..1f1d54c301 100755
--- a/core/src/main/java/org/keycloak/TokenVerifier.java
+++ b/core/src/main/java/org/keycloak/TokenVerifier.java
@@ -167,12 +167,15 @@ public class TokenVerifier {
 }
 /**
- * Creates an instance of {@code TokenVerifier} from the given string on a JWT of the given class.
+ * Creates an instance of {@code TokenVerifier} for the given token.
 * The token verifier has no checks defined. Note that the checks are only tested when
 * {@link #verify()} method is invoked.
+ *

+ * NOTE: The returned token verifier cannot verify token signature since
+ * that is not part of the {@link JsonWebToken} object.
 * @return
 */
- public static TokenVerifier create(T token) {
+ public static TokenVerifier createWithoutSignature(T token) {
 return new TokenVerifier(token);
 }
diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
index 9723eb3b1d..a7abd4e3a0 100755
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
@@ -544,7 +544,7 @@ public class LoginActionsService {
 session.getContext().setClient(authSession.getClient());
- TokenVerifier.create(token)
+ TokenVerifier.createWithoutSignature(token)
 .withChecks(handler.getVerifiers(tokenContext)) .verify();
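Review bot: The `@return` tag on the `createWithoutSignature` Javadoc is still left empty, and the new NOTE only says that the signature cannot be checked by this verifier, not whose responsibility it is, so a reader can take it as "signature checking is optional" rather than "must already have happened". I would complete the tag as `@return a verifier for {@code token} with no checks registered; the caller is responsible for having verified the signature of the JWT this object was parsed from before calling this method`, and, if the project has a string-based factory that does verify signatures, reference it with a `{@link}` so callers are steered to the safe path. The rename makes the gap explicit at the `LoginActionsService` call site, but whether `token` reached that line through a signature-checked path is not visible in this hunk and should be confirmed. The factory method itself is fully inside the hunk; the enclosing class continues outside it.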