oauth2.dev

iss

IESG

Registry Context

The `iss` claim identifies the principal that issued the JWT. It is optional and, when used, has a case-sensitive string value containing a `StringOrURI` value.

Technical Summary

`iss` is the registered JWT Issuer claim defined by RFC 7519 Section 4.1.1. Its value is a case-sensitive string containing a `StringOrURI` value, and use of the claim is OPTIONAL.

When Used

Use it to identify the principal that issued the JWT.

Normative Requirements

JWT producer

OPTIONAL
1
  1. RFC 7519 - Section 4.1.1

    Use the `iss` claim..

    Condition: When creating a JWT.

    Use of this claim is OPTIONAL.

Validation Guidance

error

If `iss` is present, verify that its value is a string containing a `StringOrURI` value and treat comparisons as case-sensitive.

info

Treat absence of `iss` as valid because use of the claim is optional.

Reference

Details

Entry Id
iss
Claim Name
iss
Claim Description
Issuer
Change Controller
IESG
Reference
RFC7519 - Section 4.1.1