¶ What is ID token
Update Time: 2022-04-20 11:18:51
In OIDC Protocol, There are three type of Token: id_token, access_token and refresh_token.
ID Token is the most important part that OpenID Connect OIDC (opens new window) added from OAuth 2.0 (opens new window). ID Token contains user's identity information. It can be used to verify user's identity when front end calling backend for resources.
In general ID Token is JWT Token, it's including user's identity key/value pairs. Eg:
{
"iss": "https://server.example.com",
"sub": "24400320",
"aud": "s6BhdRkqt3",
"nonce": "n-0S6_WzA2Mj",
"exp": 1311281970,
"iat": 1311280970,
"auth_time": 1311280969,
"acr": "urn:mace:incommon:iap:silver"
}
ID Token is a JWT Token means:
id_token include user's identity information. There is no need for another request for user info The integrity of id_token can be verified. How to verify ID Token.
¶ ID Token Claims Example
| Claim | Claim |
|---|---|
| sub | birthdate |
| name | zoneinfo |
| given_name | locale |
| family_name | phone_number |
| middle_name | phone_number_verified |
| nickname | address |
| preferred_username | formatted |
| profile | street_address |
| picture | locality |
| website | region |
| postal_code | |
| email_verified | country |
| gender | updated_at |