Overview#The "cnf" claim is a Reserved Claim Name used in the JWT to contain members used to identify the Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs).
Other members of the "cnf" object may be defined because a Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) key may not be the only means of confirming the authenticity of the token. This is analogous to the SAML V2.0 [OASIS.saml-core-2.0-os] SubjectConfirmation element in which a number of different subject confirmation methods can be included (including proof-of-possession key information).
Specific applications of JSON Web Tokenss will require implementations to understand and process some confirmation members in particular ways. However, in the absence of such requirements, all confirmation members that are not understood by implementations MUST be ignored.
Values for the Confirmation Claim are in the JWT Confirmation Methods