JWT Access Token

The decoded access token is comprised of three parts separated by dots: 

header.payload.signature

Component	Description
JWT header	A JSON object containing the JWT protocol identifier and the signature scheme. The header is converted to a JavaScript Object Signing and Encryption (JOSE) header as UTF-8 octets and then encoded as a Base64 string. Example: CODEBLOCK { "typ":"JWT", "alg":"HS256" } CODEBLOCK END
JWT payload	A JSON object that contains the JWT claims set (asserted information about the user) or other information. Encoded as a Base64 string. The DNN JWT claims set includes the following: is the session id, which is fixed for the lifetime of the renewal token. is the list of roles assigned to the user. Used in authorization to determine which areas of the site the user can access. is the portal alias of the site that issued the token. is the expiration time of the access token. The token is rejected after this time (plus a small grace period). Expressed as Unix time. is the "not-before" time. The token is rejected before this time. Expressed as Unix time. Example: CODE BLOCK { "sid":"eecb9bf34bbb4c8eb87dbba3aa1523c6", "role":["Administrators","Registered Users","Subscribers"], "iss":"testsitece.lvh.me", "exp":1450834762, "nbf":1450830862 } CODEBLOCK END
JWT signature	The hash/encryption of the header and payload. The encryption method is stated in the header. Encoded as a Base64 string.

The new access token is valid for one hour.

 

---

Environment

• DNN Platform
• Evoq Content
• Evoq Engage

 

---

Parent Topic

• JWT Authentication

Related Tasks

• Set Up JWT Authentication for Your Site

Related Information

• JWT User Credentials
• Server Response with JWT
• Page Request with JWT
• JWT Authentication Handler
• About JWT Authentication