oauth2.dev

iat

IESG

Registry Context

`iat` is an optional introspection-response field that reports when the token was originally issued.

Technical Summary

RFC 7662 defines `iat` as an optional top-level member of the token introspection response. Its value is an integer timestamp measured in seconds since 1970-01-01 UTC, indicating when the token was originally issued.

When Used

When reporting a token's original issuance time in an introspection response.

Normative Requirements

Authorization servers

MUST
1
  1. RFC 7519 - Section 4.1.6

    The `iat` value MUST be a number containing a NumericDate value..

    Condition: If `iat` is included in the introspection response.

    Its value MUST be a number containing a NumericDate value.

OPTIONAL
1
  1. RFC 7662 - Section 2.2

    Inclusion of the `iat` member in the introspection response is OPTIONAL..

    iat OPTIONAL.

Validation Guidance

error

Flag `iat` values that are not integer timestamps as invalid under the RFC 7662 field definition.

error

Flag `iat` values that do not represent seconds since 1970-01-01 UTC as invalid under the RFC 7662 field definition.

info

Allow `iat` to be absent from the introspection response.

Reference

Details

Entry Id
iat
Name
iat
Description
Issuance timestamp of the token
Change Controller
IESG
Reference
RFC7662 - Section 2.2