Sign in

Type: IdTokenClaims

Standard OpenID Connect ID Token claims.

Indexable

[key: string]: unknown

Additional provider-specific claims.

Properties

PropertyTypeDescription
acr?stringAuthentication Context Class Reference. Indicates the assurance level of the authentication performed.
address?AddressPostal address.
amr?string[]Authentication Methods References. Lists the authentication methods used (for example: pwd, mfa, otp).
at_hash?stringAccess token hash. Used to validate access tokens returned alongside the ID token.
audstring | string[]Intended audience(s) of the token.
auth_time?numberTime when the end-user authentication occurred (Unix epoch seconds).
azp?stringAuthorized party - identifies the client to which the ID token was issued.
birthdate?stringBirthday.
c_hash?stringAuthorization code hash. Used to validate authorization codes returned with hybrid flows.
email?stringEmail address.
email_verified?booleanWhether the email address has been verified by the provider.
expnumberExpiration time of the token (Unix epoch seconds).
family_name?stringSurname(s) / last name.
gender?stringGender.
given_name?stringGiven name(s) / first name.
groups?Group[]Group memberships for the user.
iatnumberTime at which the token was issued (Unix epoch seconds).
issstringIssuer identifier - the authorization server that issued the token.
locale?stringLocale.
middle_name?stringMiddle name(s).
name?stringFull name of the user (e.g. "Jane Doe").
nbf?numberNot-before time (Unix epoch seconds).
nickname?stringCasual name used by the user.
nonce?stringNonce value used to associate the authentication request with the issued ID token and prevent replay attacks.
phone_number?stringPhone number (formatted in E.164 standard).
phone_number_verified?booleanWhether the phone number has been verified by the provider.
picture?stringURL of the user's profile picture.
preferred_username?stringPreferred username.
profile?stringURL of the user's profile page.
s_hash?stringState hash (used in some hybrid flow validations).
substringSubject identifier - a unique, stable identifier for the user within the issuer.
updated_at?numberTime the user's information was last updated (seconds since epoch).
website?stringURL of the user's website.
zoneinfo?stringTime zone name.
© 2024 MonoCloud. All rights reserved.