diff --git a/api/rest.go b/api/rest.go
index 9cf441a..eb031e6 100644
--- a/api/rest.go
+++ b/api/rest.go
@@ -386,6 +386,12 @@ func (api *RestApi) stopJob(rw http.ResponseWriter, r *http.Request) {
 	go func() {
 		defer api.OngoingArchivings.Done()
 
+		if _, err := api.JobRepository.FetchMetadata(job); err != nil {
+			log.Errorf("archiving job (dbid: %d) failed: %s", job.ID, err.Error())
+			api.JobRepository.UpdateMonitoringStatus(job.ID, schema.MonitoringStatusArchivingFailed)
+			return
+		}
+
 		// metricdata.ArchiveJob will fetch all the data from a MetricDataRepository and create meta.json/data.json files
 		jobMeta, err := metricdata.ArchiveJob(job, context.Background())
 		if err != nil {
diff --git a/auth/auth.go b/auth/auth.go
index 2bf7462..9ec40c8 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -375,17 +375,17 @@ func (auth *Authentication) ProvideJWT(user *User) (string, error) {
 		return "", errors.New("environment variable 'JWT_PRIVATE_KEY' not set")
 	}
 
+	now := time.Now()
 	claims := jwt.MapClaims{
 		"sub":   user.Username,
 		"roles": user.Roles,
+		"iat":   now.Unix(),
 	}
 	if auth.JwtMaxAge != 0 {
-		claims["exp"] = time.Now().Add(auth.JwtMaxAge).Unix()
+		claims["exp"] = now.Add(auth.JwtMaxAge).Unix()
 	}
 
-	tok := jwt.NewWithClaims(jwt.SigningMethodEdDSA, claims)
-
-	return tok.SignedString(auth.jwtPrivateKey)
+	return jwt.NewWithClaims(jwt.SigningMethodEdDSA, claims).SignedString(auth.jwtPrivateKey)
 }
 
 func GetUser(ctx context.Context) *User {