Overview #

Iss (issuer) is an Abbreviation or Parameter

OAuth 2.0 #

Iss (issuer) in the Access Token identifies the Digital Identity that issued the Access Token.

RFC 9207 further defines Iss and that in the Authorization Response to the client, including error responses, an Authorization Server supporting this specification MUST indicate its identity by including the iss parameter in the Authorization Response

OpenID Connect#

Iss (issuer) OPTIONAL Reserved Claim Name for JSON Web Token Claims identifies the principal that issued the JSON Web Token.

The processing of this claim is generally application specific.

The "Iss" value is a case-sensitive string containing a StringOrURI value.

More Information#

There might be more information for this subject on one of the following:

• Act (Actor) Claim
• Apple ID
• Authorization_response_iss_parameter_supported
• Best Practices OpenID Connect
• Frontchannel_logout_session_required
• Frontchannel_logout_session_supported
• Identity Token
• Identity Token Claims
• Identity Token Validation
• Initiate_login_uri
• Iss
• Issuer
• JSON Web Token Claims
• JSON Web Tokens
• Login_hint_token
• Logout Token
• May_act (May Act For) Claim
• OAuth 2.0 Authorization Server Issuer Identification
• OAuth 2.0 Security Best Current Practice
• OpenID Connect Back-Channel Logout
• OpenID Connect Federation
• OpenID Connect Front-Channel Logout
• Openid-configuration
• Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)
• Reserved Claim Name
• Self-Issued OpenID Provider