Auth0 Android JWT library — private claim spec

chrisbtoo · July 16, 2019, 11:15pm

I’m being sent a JWT with a private claim whose value is in the form of a JSON object. jwtdecode’s Claim class has methods to pull the value as one of several primitives, or as an array of objects, but no method to pull it as a single object.

I’m unable to find any documentation which specifies valid formats for private claim values, and I’m wondering why the developers didn’t include such a method. Was it an oversight, or is there some spec I can point to that will allow me to tell the sender they’re doing it wrong?

chrisbtoo · July 17, 2019, 1:32pm

I see this issue on github, and its associated pull request. Hopefully the authors decide to merge it.

konrad.sopala · July 17, 2019, 1:49pm

Hey there @chrisbtoo!

I’ll reach out to repo maintainers to relay that info and let them know about issues and related PR!

chrisbtoo · July 22, 2019, 10:36pm

Seems they’ve been stubbornly refusing to merge it for over a year, even though the JWT spec clearly says it’s a valid Claim format. I hereby criticize that idea.

konrad.sopala · February 27, 2020, 3:01pm

Hey there it seems from the conversation that it should be available from 1.4 which is available here:

Topic		Replies	Views
Verify JWT token received from auth0 JWT.io jwt , auth0	4	21874	January 12, 2020
Need help converting Javascript JWT parsing into Java using Auth0 libs JWT.io jwt , javascript , java , java-jwt-support-doc	1	3266	August 4, 2020
Java-jwt 2 to 3 migration guide? JWT.io jwt , auth0	0	1460	February 16, 2023
Problem validating JWT with X509 cert/pubkey from /jwks JWT.io api , certificate , jwt-validation	12	23144	November 8, 2022
How can I read the claims from the access token payload in java? Help claims	3	3834	March 2, 2018

Auth0 Android JWT library — private claim spec

Related topics