Overview#
Issuer (
iss) is generally the Issuer of the item.
The
Authoritative source is referred to as the Issuer
OAuth 2.0#
In authorization responses to the client, including error responses, an authorization server supporting this specification
MUST indicate its identity by including the
iss parameter in the response.
OAuth Clients that support this specification MUST extract the value of the iss parameter from Authorization Response they receive if the parameter is present. OAuth Clients MUST then decode the value from its "application/x-www-form-urlencoded" form according to Appendix B of RFC 6749 and compare the result to the issuer identifier of the Authorization Server where the Authorization Request was sent to.
Disc authorization_response_iss_parameter_supported Boolean parameter indicating whether the authorization server provides the iss parameter in the Authorization Response.
Discovery Mechanism
Issuer is a
OPTIONAL Openid-configuration URL using the
HTTPS scheme with no query or fragment component that the
OpenID Connect Identity Provider (IDP) asserts as its Issuer Identifier.
If Issuer discovery is supported, this value MUST be identical to the Issuer value returned by WebFinger. This also MUST be identical to the iss JWT Claim Value in Identity Token issued from this Issuer.
Issuer within
X.509 Certificates is referred to as the
Certificate Issuer
Issuer is an
entity that creates a
Verifiable Claim, associates it with a particular
subject, and transmits it to a
holder.
There might be more information for this subject on one of the following: