[Openid-specs-ab] JWT claims in signed UserInfo responses

Vladimir Dzhuvinov / NimbusDS vladimir at nimbusds.com
Wed Nov 6 09:56:06 UTC 2013


Hi guys,

For UserInfo responses encoded as JWTs - which of the standard JWT
claims, apart from the mandatory "sub", do you choose to include?

http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-12#section-4.1

It appears to me that in order for the UserInfo to be suitable for
passing around as a JWT it should include at least the "iss" claim.

Thanks,

Vladimir

--
Vladimir Dzhuvinov : www.NimbusDS.com : vladimir at nimbusds.com


More information about the Openid-specs-ab mailing list