Identity Token Validation


Identity Token Validation requires that the OAuth Client MUST validate the Id_token in the OAuth Token Response.

If any of the Verification procedures defined fail, any operations requiring the information that failed to correctly validate MUST be aborted and the information that failed to validate MUST NOT be used.

The OAuth Client can split the Id_token at the period (".") characters, take the second segment, and base64url decode it to obtain a JSON Object containing the Identity Token Claims, which MUST be validated as follows:

More Information#

There might be more information for this subject on one of the following: