[Openid-specs-ab] JWT claims in signed UserInfo responses
Vladimir Dzhuvinov / NimbusDS
vladimir at nimbusds.com
Wed Nov 6 09:56:06 UTC 2013
Hi guys,
For UserInfo responses encoded as JWTs - which of the standard JWT
claims, apart from the mandatory "sub", do you choose to include?
http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-12#section-4.1
It appears to me that in order for the UserInfo to be suitable for
passing around as a JWT it should include at least the "iss" claim.
Thanks,
Vladimir
--
Vladimir Dzhuvinov : www.NimbusDS.com : vladimir at nimbusds.com
More information about the Openid-specs-ab
mailing list