
What's the meaning of the "kid" claim in a JWT token?

Tags: token, jwt

I generated a JWT and there are some claims which I understand well, but there is a claim called kid in header. Does anyone know what it means?

I generated the token using auth0.com

tylkonachwile asked May 09 '17 10:05


People also ask

What is the kid in JWT?

Key Id mainly refers to a Secret that can be retrieved and used to validate the signed JWT. - Mostly it is just a random guid that is stored as a secret Id. It should be provided by the generator of the JWT so that a Validator can retrieve the correct secret based on the "kid" to validate the signed JWT token.

What is claim in JWT token?

In a JWT, a claim appears as a name/value pair where the name is always a string and the value can be any JSON value. Generally, when we talk about a claim in the context of a JWT, we are referring to the name (or key). For example, the following JSON object contains three claims ( sub , name , admin ):

What is kid in public key?

"kid" (Key ID) Parameter: The "kid" (key ID) parameter is used to match a specific key. This is used, for instance, to choose among a set of keys within a JWK Set during key rollover. The structure of the "kid" value is unspecified.

What is oauth kid?

The name of the key (key id), which is an identifier generated by the resource server. It is RECOMMENDED that the authorization server generates this key id by computing a hash over the access_token, for example using SHA-1, and to encode it in a base64 format.


1 Answer

kid is an optional header claim which holds a key identifier, particularly useful when you have multiple keys to sign the tokens and you need to look up the right one to verify the signature.

Once a signed JWT is a JWS, consider the definition from the RFC 7515:

4.1.4. "kid" (Key ID) Header Parameter

The kid (key ID) Header Parameter is a hint indicating which key was used to secure the JWS. This parameter allows originators to explicitly signal a change of key to recipients. The structure of the kid value is unspecified. Its value MUST be a case-sensitive string. Use of this Header Parameter is OPTIONAL.

When used with a JWK, the kid value is used to match a JWK kid parameter value.

cassiomolin answered Sep 19 '22 14:09