...
| Claim | Required | Description | Example value |
|---|---|---|---|
| iss | yes | Issuer. Should be set to the Client Id (Client Identifier) of the OIDC/OAuth2 client | oidc-client |
| sub | yes | Subject. Should be set to the Client Id (Client Identifier) of the OIDC/OAuth2 client | oidc-client |
| aud | yes | Audience. Should be set to the URL of the OpenID Provider/OAuth2 Authorization Server issuer URL. | https://auth.buypass.no/auth/realms/SECURITYDOMAIN |
| jti | yes | JWT ID. A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once. Se also: JWT ID Claim | 461d5788-2a18-4e63-9e35-7097e02b0227 |
| exp | yes | Expiration time on or after which the JWT MUST NOT be accepted for processing. See also: Expiration Time Claim Date format should be in "NumericDate", ref JWT terminology. | 1510831578 |
| iat | yes | Time at which the JWT was issued. See also: Issued At Claim Date format should be in "NumericDate", ref JWT terminology. | 1510831518 |
...