JWT Claims Reference: iss, sub, exp, and Every Standard Claim
Every registered JWT claim defined in RFC 7519: what it means, when to use it, and how validators interpret each field.
Published:
Tags: security, jwt, reference
JWT Claims Reference: iss, sub, aud, exp, iat, and More JWT claims are the payload content — the data the token carries about the user, the session, and the token itself. The JWT specification (RFC 7519) defines a set of registered claims with standardized names and semantics. Using these correctly is essential for interoperability and security. Overview of Registered Claims All registered claims are optional by the spec, but several are mandatory in practice. RFC 7519 defines seven registered claims: | Claim | Name | Type | Description | |-------|------|------|-------------| | | Issuer | String/URI | Who created the token | | | Subject | String | Who the token is about | | | Audience | String or Array | Intended recipient(s) | | | Expiration Time | NumericDate | When the token expires |…
All articles · theproductguy.in