Skip to main content

JwtTypes Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Common.Constants

JwtTypes Class

This class defines JWT (JSON Web Token) types used in various contexts.

public static class JwtTypes

Inheritance System.Object → JwtTypes

Fields

JwtTypes.AccessToken Field

The "AccessToken" JWT type is used to represent access tokens, typically used for authenticating and authorizing users in APIs.

public const string AccessToken = "at+jwt";

Field Value

System.String

JwtTypes.DPoPProof Field

The "DPoP proof" JWT type per RFC 9449 §4.2. The typ header MUST equal this value so a relying party that trusts the same client across multiple JWT classes (id_token, request_object, DPoP proof) cannot have one class replayed as another per the RFC 8725 §3.11 token-class-confusion guidance.

public const string DPoPProof = "dpop+jwt";

Field Value

System.String

JwtTypes.IdToken Field

OpenID Connect ID Token. Indicates this token is an OpenID Connect ID Token. Used in the 'typ' header of ID tokens for explicit typing.

public const string IdToken = "id_token+jwt";

Field Value

System.String

JwtTypes.InitialAccessToken Field

The "InitialAccessToken" JWT type is used to authorize calls to the client registration endpoint per RFC 7591 Section 3.

public const string InitialAccessToken = "initial_access+jwt";

Field Value

System.String

JwtTypes.Jwt Field

Standard JSON Web Token type. Per RFC 7519 Section 5.1, this is the recommended value for the 'typ' header parameter.

public const string Jwt = "JWT";

Field Value

System.String

JwtTypes.LogoutToken Field

The "LogoutToken" JWT type is used in the context of OpenID Connect for single logout functionality.

public const string LogoutToken = "logout+jwt";

Field Value

System.String

JwtTypes.RefreshToken Field

The "RefreshToken" JWT type is used to represent refresh tokens, which allow obtaining new access tokens without reauthentication.

public const string RefreshToken = "refresh+jwt";

Field Value

System.String

JwtTypes.RegistrationAccessToken Field

The "RegistrationAccessToken" JWT type is used in OAuth 2.0 Dynamic Client Registration for securely registering clients.

public const string RegistrationAccessToken = "registration+jwt";

Field Value

System.String

JwtTypes.TokenIntrospection Field

The "token introspection response" JWT type per RFC 9701 §5. The typ header equals this value so a signed introspection response cannot be replayed as a different JWT class (RFC 8725 §3.11).

public const string TokenIntrospection = "token-introspection+jwt";

Field Value

System.String