"JWT": difference between revisions
From Banane Atomic
Revision as of 7 March 2024 at 13:02
Description
JSON Web Token
Access token
Access tokens are credentials used to access protected resources.
The token is generated after a user successfully authenticates and authorizes access.
It does not contain any information about the user itself besides their ID (sub).
It only contains authorization information about which actions the application is allowed to perform at the API (scope).
This is what makes it useful for securing an API, but not for authenticating a user.
Content token
aud | AUDience | https://*.onmicrosoft.com/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx xxx=AppId |
iss | ISSuer | https://sts.windows.net/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy/ yyy= |
iat | Issued AT | date of the request. Number of seconds since the Epoch (1970-01-01T00:00:00Z UTC) |
nbf | Not BeFore | date before which the token must not be used |
exp | EXPiration time | date from which the token will no longer be accepted |
acr | Authentication Context class Reference | 0: the authentication does not comply with the ISO/IEC 29115 standard |
aio | | |
amr | Authentication Method | pwd |
appid | APPlication ID | Application ID in Azure AD Applications |
appidacr | APPlication Authentication Context class Reference | |
deviceid | | |
oid | Object ID | unique ID of the user |
onprem_sid | | |
scp | Scope | user_impersonation |
sub | Subject | another unique ID of the user |
tid | Tenant ID | |
uti | | |
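
Added example (not part of the original page): how an API could check the aud, iss, nbf, exp and scp claims listed above before honouring an access token. It assumes the token signature has already been verified against the issuer's keys; the audience, issuer, scope and timestamps are constructed sample values, and the function names are hypothetical.

```python
import base64
import json
import time

def decode_payload(token):
    """Decode the payload (2nd segment) of a compact JWT. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected 3 dot-separated segments")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(seg))

def check_claims(claims, audience, issuer, scope, now=None, leeway=60):
    """Return the reasons to reject the token; an empty list means accept.
    Assumption: the signature was verified upstream with the issuer's keys."""
    now = time.time() if now is None else now
    errors = []
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        errors.append("aud: token was issued for another API")
    if claims.get("iss") != issuer:
        errors.append("iss: unexpected issuer")
    exp, nbf = claims.get("exp"), claims.get("nbf")
    if not isinstance(exp, (int, float)) or now >= exp + leeway:
        errors.append("exp: missing or expired")
    if isinstance(nbf, (int, float)) and now < nbf - leeway:
        errors.append("nbf: not yet valid")
    # scp holds the delegated scopes as a space-separated string
    if scope not in str(claims.get("scp", "")).split():
        errors.append("scp: required scope not granted")
    return errors

def make_sample_token(claims):
    """Build a constructed token with a placeholder signature, for the demo only."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return b64({"alg": "RS256", "typ": "JWT"}) + "." + b64(claims) + ".c2ln"

# Constructed sample values, shaped like the rows of the table above
AUD = "https://example.onmicrosoft.com/00000000-0000-0000-0000-000000000001"
ISS = "https://sts.windows.net/00000000-0000-0000-0000-000000000002/"
SAMPLE = {"aud": AUD, "iss": ISS, "iat": 1709816520, "nbf": 1709816520,
          "exp": 1709820120, "scp": "user_impersonation", "sub": "constructed-subject"}
TOKEN = make_sample_token(SAMPLE)

if __name__ == "__main__":
    claims = decode_payload(TOKEN)
    print(check_claims(claims, AUD, ISS, "user_impersonation", now=1709817000))
```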