|
gptkbp:instanceOf
|
gptkb:standard
|
|
gptkbp:abbreviation
|
gptkb:JWT
|
|
gptkbp:can_be_signed_with
|
gptkb:RSA
gptkb:HMAC
gptkb:ECDSA
|
|
gptkbp:can_be_transmitted_via
|
URL
HTTP header
POST parameter
|
|
gptkbp:canBe
|
stateless
self-contained
|
|
gptkbp:category
|
crypt
web security
authorization protocol
|
|
gptkbp:claim_example
|
exp
sub
aud
iat
iss
jti
nbf
|
|
gptkbp:definedIn
|
gptkb:RFC_7519
|
|
gptkbp:firstPublished
|
2015
|
|
gptkbp:format
|
gptkb:JSON
|
|
gptkbp:header_is
|
Base64Url encoded
|
|
gptkbp:headerFile
|
gptkb:logic
signing algorithm
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
JSON Web Token
|
|
gptkbp:maintainedBy
|
gptkb:IETF
|
|
gptkbp:payload_contains
|
claims
|
|
gptkbp:payload_is
|
Base64Url encoded
|
|
gptkbp:relatedStandard
|
gptkb:JOSE
gptkb:JWE
gptkb:JWS
|
|
gptkbp:signature_is
|
Base64Url encoded
|
|
gptkbp:signature_provides
|
integrity
authenticity
|
|
gptkbp:structure
|
header
signature
payload
|
|
gptkbp:used_in
|
gptkb:OAuth_2.0
gptkb:OpenID_Connect
web applications
APIs
|
|
gptkbp:usedFor
|
authentication
information exchange
|
|
gptkbp:vulnerableTo
|
algorithm confusion
token leakage
token replay
|
|
gptkbp:bfsParent
|
gptkb:IETF
gptkb:OpenID_Connect
|
|
gptkbp:bfsLayer
|
4
|