This contains standard JWT claims to identify a session for the Dynamic user. For more details, see: https://www.iana.org/assignments/jwt/jwt.xhtml#claims

kid
string
required

Project environment jwt public key id, used to verify the jwt using the the jwks endpoint

aud
string
required

Audience: this will be the origin header, pertaining to the client site

iss
string
required

Issuer: current backend api host + environment id

sub
string
required

Dynamic user ID

sid
string
required

Dynamic session ID

environment_id
string
required

Dynamic environment ID

last_verified_credential_id
string
required

ID of the most recently used verified credential. This would refer to a value in the verified credentials list in the corresponding SdkUser

exp
number

Expiration timestamp

iat
number

Timestamp for when the JWT was issued at

scope
string

A whitespace-separate list of permissions associated with the JWT token issued. This conforms to the JWT standard for scope claims: https://datatracker.ietf.org/doc/html/rfc8693#section-4.2

verifiedCredentialsHashes
object

This contains the hashed string of the concatenated verified credential IDs grouped by credential format.

Was this page helpful?

MfaBackupCodeAcknowledgementMobileSettings