Skip to main content

JSON Web Tokens (JWT)

Structure

alg = algorithm use
- uses an agreed upon subset of crypto algorithms
kid = key identifier i.e. which key to use from the JWKS
typ = type, usually "JWT"

Standard Claims

iss = Issuer
aud = Audience, e.g. the consuming site
iat = "Issued at", in Unix Epoch Time
exp = "Expired at", in Unix Epoch Time
sub = Subject, e.g. the ID of the current user
additional app-defined claims

References

jwt.io
JSON Web Token Claims in the auth0 docs
List of registered claims on iana.org

Structure
- Header
- Standard Claims
References