Authentication tokens
Stay organized with collections
Save and categorize content based on your preferences.
Bearer token (JWT: RFC 7516)
issued by the identity partner (IdP) to attest a user's identity.
| JSON representation |
{
"aud": string,
"email": string,
"exp": string,
"iat": string,
"iss": string,
...
}
|
| Fields |
aud |
string
The audience, as identified by the IdP. Should be checked against the local configuration.
|
email |
string (UTF-8)
The user's email address.
|
exp |
string
Expiration time.
|
iat |
string
Issuance time.
|
iss |
string
The token issuer. Should be validated against the trusted set of authentication issuers.
|
... |
Your KACLS is free to use any other claims (location, custom claim, etc) to evaluate the perimeter.
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2022-12-19 UTC.
[{
"type": "thumb-down",
"id": "missingTheInformationINeed",
"label":"Missing the information I need"
},{
"type": "thumb-down",
"id": "tooComplicatedTooManySteps",
"label":"Too complicated / too many steps"
},{
"type": "thumb-down",
"id": "outOfDate",
"label":"Out of date"
},{
"type": "thumb-down",
"id": "samplesCodeIssue",
"label":"Samples / code issue"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"Other"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"Easy to understand"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"Solved my problem"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"Other"
}]
