Overview#

Sub is a Claim used in various Tokens

OpenID Connect Identity Token#

OpenID Connect Identity Token Sub is a Subject Identifier is a locally unique and never re-assigned identifier within the Issuer for the Authenticated Entity, which is intended to be consumed by the OAuth Client. Two Subject Identifier types are defined by OpenID Connect: The OpenID Connect Provider's OpenID Connect Discovery document SHOULD list its supported Subject Identifier types in the subject_types_supported element. If there is more than one type listed in the array, the OAuth Client MAY elect to provide its preferred identifier type using the subject_type parameter during Registration.

Sub MUST NOT exceed 255 ASCII characters in length.

Sub sub value is a Case-sensitive string.

JSON Web Token#

The "sub" (subject) OPTIONAL Reserved Claim Name identifies the principal that is the subject of the JSON Web Token.

The JSON Web Token Claim in a JWT are normally statements about the subject.

The subject value MUST either be scoped to be locally unique in the context of the JSON Web Token issuer or be globally unique.

The processing of this JSON Web Token Claim is generally application specific.

The "Sub" value is a Case-sensitive string containing a StringOrURI value.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-10) was last changed on 26-Sep-2016 00:01 by jim