Challenge Task: Go to jwt.io and paste a standard Auth0 ID Token (or use the default example). Look at the purple “Payload” section. Identify the mandatory OIDC fields.
Submission Requirement: List the standard fields (e.g., iss, sub, aud, exp, iat) + an explanation of what each one represents.
The standard fields are as follows:
iss (Issuer): This identifies the authorization server that issued the token. It helps to ensure the token is valid and came from a trusted source.
sub (Subject): This is the identifier of the user who is authenticated. It ensures that the token is intended for a specific subject (user).
aud (Audience): This identifies the audience that the token is meant for. It ensures the token is not used inappropriately or by unauthorized services.
exp (Expiration Time): This is the expiry time of the token. After this time, the token is considered invalid and will not be accepted for authentication.
iat (Issued At): This is the time when the token was created. It helps to track the age of the token and assess whether it's still valid based on other fields like exp.
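As an added illustration (not part of the original post or of Auth0's libraries), the script below decodes the payload segment of a constructed ID token and checks the five claims listed above the way a relying party would: trusted issuer, matching audience, not expired, and not issued in the future. The issuer, client id and token values are placeholders, and signature verification against the issuer's JWKS is assumed to have been done before these checks.

```python
import base64
import json

# Constructed placeholder values; a real relying party reads these from its OIDC config.
EXPECTED_ISSUER = "https://example-tenant.auth0.com/"
EXPECTED_AUDIENCE = "my-client-id"
CLOCK_SKEW = 60  # seconds of tolerance when comparing exp/iat to the local clock


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(segment: str) -> bytes:
    # JWT segments omit base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_payload(token: str) -> dict:
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(b64url_decode(parts[1]))


def validate_id_token_claims(claims: dict, now: int) -> dict:
    # Assumes the RS256 signature was already verified against the issuer's JWKS;
    # this function only checks the mandatory OIDC claims.
    for name in ("iss", "sub", "aud", "exp", "iat"):
        if name not in claims:
            raise ValueError(f"missing claim: {name}")
    if claims["iss"] != EXPECTED_ISSUER:
        raise ValueError("token issued by an untrusted issuer")
    audiences = claims["aud"] if isinstance(claims["aud"], list) else [claims["aud"]]
    if EXPECTED_AUDIENCE not in audiences:
        raise ValueError("token not intended for this client")
    if now > int(claims["exp"]) + CLOCK_SKEW:
        raise ValueError("token expired")
    if int(claims["iat"]) > now + CLOCK_SKEW:
        raise ValueError("token issued in the future")
    return claims


# Constructed sample token; the signature segment is a placeholder, not a real signature.
NOW = 1_700_000_000
SAMPLE_PAYLOAD = {"iss": EXPECTED_ISSUER, "sub": "auth0|123456", "aud": EXPECTED_AUDIENCE,
                  "exp": NOW + 3600, "iat": NOW}
SAMPLE_TOKEN = ".".join([b64url_encode(json.dumps({"alg": "RS256", "typ": "JWT"}).encode()),
                         b64url_encode(json.dumps(SAMPLE_PAYLOAD).encode()), "signature"])
```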