JSON Web Token (JWT) RFC7519

2021-02-01 11:14

阅读:393

标签:com   tin   art   jwt   tip   ref   case   cci   abi   

JSON Web Token (JWT)

Abstract

   JSON Web Token (JWT) is a compact, URL-safe means of representing
   claims to be transferred between two parties.  The claims in a JWT
   are encoded as a JSON object that is used as the payload of a JSON
   Web Signature (JWS) structure or as the plaintext of a JSON Web
   Encryption (JWE) structure, enabling the claims to be digitally
   signed or integrity protected with a Message Authentication Code
   (MAC) and/or encrypted.

 

4.1.7. "jti" (JWT ID) Claim



   The "jti" (JWT ID) claim provides a unique identifier for the JWT.
   The identifier value MUST be assigned in a manner that ensures that
   there is a negligible probability that the same value will be
   accidentally assigned to a different data object; if the application
   uses multiple issuers, collisions MUST be prevented among values
   produced by different issuers as well.  The "jti" claim can be used
   to prevent the JWT from being replayed.  The "jti" value is a case-
   sensitive string.  Use of this claim is OPTIONAL.

 

JSON Web Token (JWT) RFC7519

标签:com   tin   art   jwt   tip   ref   case   cci   abi   

原文地址:https://www.cnblogs.com/chucklu/p/13181808.html


评论


亲,登录后才可以留言!