Versions Compared

Old Version 4

changes.mady.by.user Janny Kinende

Saved on

compared with

New Version Current

changes.mady.by.user Matheus Srebro

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PDOIDC and version master

...

Note finally that the OIDC Provider form BankID supports signed Refresh Tokens in JWT format. The below table shows claims in the payload part of the JWT. Claims contained in the JWT header are not shown.

ClaimOriginExampleDescriptionComment
typKeycloakRefreshToken type

Either Refresh or Offline for Refresh Tokens.

See scope offline_access for Offline tokens. See session handling for further details.

aud
StandardtinfoSee Access Token
auth_timeStandard1510497762See ID Token
azpStandardoidc_testclientSee ID Token 
expStandard1510498063See session handling
iatStandard1510497763See session handling 
issStandard<oidc-baseurl>See ID Token 
jtiStandard7f22fd6a-3d46-4d5a-ae56-6de3c53e1873See ID Token 
nbfStandard0See ID Token 
nonceStandard<random value>See ID Token 
session_stateKeycloakabf823c2-9810-4133-9369-7bff1223d6c1See ID Token 
subStandard

e8c523ff-52a2-42e2-a7a5-f1d0fbb76204

See ID Token 
realm_accessKeycloak
{"roles:["profile","address","phone","email","nnin_altsub","nnin"]}
See Access Token
resource_accessKeycloak
{"tinfo:{"roles ["address","phone_number", "email", "nnin"]}}
See Access Token

...