Jti field doesn't work

Hi Auth0 Team!

I have a problem with the field ‘jit’ in jwt token. I used this your example for getting a result.

but it does not work for me.

The documentation says that this field is allowed

I tested different options to get the field in pure form

Could you help me?

Thanks in advance!

Any updates? Seems Auth0 documentation doesn’t provide right approach to assign jwt id to token

bump! I too have the same issue, we’re using the auth0-java and need to validate jti’s aren’t blacklisted. Anyone?

no answer here too setting jti in tokens with Auth0 Management API v2

Just got response from the Auth0 support team, this is no longer supported by Auth0

Hi There,
To my knowledge, we no longer recommend blacklisting token. This is a legacy feature. Instead, we recommend to keep the access token expiry short and renew the token using Silent Authentication when necessary. When user logout, auth0 clears the server session immediately and the token should expire within a short period.
As said, It is not possible to set the JTI in the access token as it is not part of OIDC standard claim. You can attach the claim as the custom claim (namespace format). https://auth0.com/docs/api-auth/tutorials/adoption/scope-custom-claims
Tanver Hasan
Developer Support Engineer

Thank you for information. It really useful for me!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.