oauth2.dev

attest

IESG

Registry Context

`attest` is an attestation level as defined in SHAKEN framework claim.

Technical Summary

Personal Assertion Token (PaSSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN) Section 11.1 defines `attest` for JWT claim sets with the registry description: Attestation level as defined in SHAKEN framework.

When Used

Used in JWTs that follow Personal Assertion Token (PaSSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN) Section 11.1.

Validation Guidance

info

When processing `attest`, apply the syntax and semantics from Personal Assertion Token (PaSSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN) Section 11.1.

info

Treat `attest` as profile-specific unless the JWT explicitly follows the referenced specification.

Reference

Details

Entry Id
attest
Claim Name
attest
Claim Description
Attestation level as defined in SHAKEN framework
Change Controller
IESG
Reference
RFC8588