JWT

De Banane Atomic
Aller à la navigationAller à la recherche

Description

JSON Web Token

Access token

Access tokens are credentials used to access protected resources.
The token is generated after a user successfully authenticates and authorizes access.
It does not contain any information about the user itself besides their ID (sub).
It only contains authorization information about which actions the application is allowed to perform at the API (scope).
This is what makes it useful for securing an API, but not for authenticating a user.
An access token is put in the Authorization header of your request, then the API verifies the token and grant access regarding the scope.

Content token

aud AUDience https://*.onmicrosoft.com/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx xxx=AppId
iss ISSuer https://sts.windows.net/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy/ yyy=
iat Issued AT date de la demande. Nombre de secondes depuis Epoch (1970-01-01T00:00:00Z UTC)
nbf Not BeFore date avant laquelle le token ne doit pas être utilisé
exp EXPiration time date à partir de laquelle le token ne sera plus accepté
acr Authentication Context class Reference 0 : l'authentification ne respecte pas la norme ISO/IEC 29115
aio
amr Authentication Method pwd
appid APPlication ID Application ID dans Azure AD Applications
appidacr APPlication Authentication Context class Reference
  • 0 : client publique
  • 1 : si le client ID et le client secret sont utilisés
deviceid
oid Object ID ID unique de l'utilisateur
onprem_sid
scp Scope user_impersonation
sub Subject autre ID unique de l'utilisateur
tid Tenant ID
uti