Whats the meaning of the kid claim in a JWT token

Whats the meaning of the kid claim in a JWT token?

Whats the meaning of the kid claim in a JWT token?

kid is an optional header claim which holds a key identifier, particularly useful when you have multiple keys to sign the tokens and you need to look up the right one to verify the signature.

n

Once a signed JWT is a JWS, consider the definition from the RFC 7515:

n

n

4.1.4. kid (Key ID) Header Parameter

n

The kid (key ID) Header Parameter is a hint indicating which keynwas used to secure the JWS. This parameter allows originators tonexplicitly signal a change of key to recipients. The structure of thenkid value is unspecified. Its value MUST be a case-sensitivenstring. Use of this Header Parameter is OPTIONAL.

n

When used with a JWK, the kid value is used to match a JWK kidnparameter value.

n

The kid (key ID) claim is an optional header claim, used to specify the key for validating the signature.

n

It is described here: http://self-issued.info/docs/draft-jones-json-web-token-01.html#ReservedHeaderParameterName

Whats the meaning of the kid claim in a JWT token?

Related posts on JWT Token  :

Leave a Reply

Your email address will not be published.