txn
Registry Context
The `txn` claim is an optional string containing a unique transaction identifier. It can correlate multiple related JWTs.
Technical Summary
RFC 8417 defines `txn` for both Security Event Tokens and non-SET JWT profiles. RFC 7519's general JWT processing rules also require unique claim names and require unrecognized claims to be ignored.
When Used
When related JWTs need to be correlated using a shared transaction identifier.
Normative Requirements
Unspecified actor
RFC 8417 - Section 2.2
Include the `txn` claim as a string value representing a unique transaction identifier..
An OPTIONAL string value that represents a unique transaction identifier.
JWT implementations
RFC 7519 - Section 4
Ignore claims that are not understood in the absence of application-specific processing requirements..
Condition: When no applicable specification defines processing requirements for the claim.
all claims that are not understood by implementations MUST be ignored
JWT parsers
RFC 7519 - Section 4
Reject JWTs with duplicate Claim Names or use a JSON parser that returns only the lexically last duplicate member name..
Condition: When processing a JWT Claims Set.
JWT parsers MUST either reject JWTs with duplicate Claim Names or use a JSON parser that returns only the lexically last duplicate member name.
Validation Guidance
Allow `txn` to be absent because its use is optional.
When present, verify that `txn` is a string representing a transaction identifier.
Reject the JWT or apply lexically-last-member handling if duplicate `txn` claim names occur.
Ignore `txn` when it is not understood and no applicable profile defines processing rules for it.
Reference
Details
- Entry Id
txn- Claim Name
txn- Claim Description
Transaction Identifier- Change Controller
IESG- Reference
RFC8417 - Section 2.2