JwtTypes Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Common.Constants
JwtTypes Class
This class defines JWT (JSON Web Token) types used in various contexts.
public static class JwtTypes
Inheritance System.Object → JwtTypes
Fields
JwtTypes.AccessToken Field
The "AccessToken" JWT type is used to represent access tokens, typically used for authenticating and authorizing users in APIs.
public const string AccessToken = "at+jwt";
Field Value
JwtTypes.DPoPProof Field
The "DPoP proof" JWT type per RFC 9449 §4.2. The typ header MUST equal this
value so a relying party that trusts the same client across multiple JWT classes
(id_token, request_object, DPoP proof) cannot have one class replayed as another
per the RFC 8725 §3.11 token-class-confusion guidance.
public const string DPoPProof = "dpop+jwt";
Field Value
JwtTypes.IdToken Field
OpenID Connect ID Token. Indicates this token is an OpenID Connect ID Token. Used in the 'typ' header of ID tokens for explicit typing.
public const string IdToken = "id_token+jwt";
Field Value
JwtTypes.InitialAccessToken Field
The "InitialAccessToken" JWT type is used to authorize calls to the client registration endpoint per RFC 7591 Section 3.
public const string InitialAccessToken = "initial_access+jwt";
Field Value
JwtTypes.Jwt Field
Standard JSON Web Token type. Per RFC 7519 Section 5.1, this is the recommended value for the 'typ' header parameter.
public const string Jwt = "JWT";
Field Value
JwtTypes.LogoutToken Field
The "LogoutToken" JWT type is used in the context of OpenID Connect for single logout functionality.
public const string LogoutToken = "logout+jwt";
Field Value
JwtTypes.RefreshToken Field
The "RefreshToken" JWT type is used to represent refresh tokens, which allow obtaining new access tokens without reauthentication.
public const string RefreshToken = "refresh+jwt";
Field Value
JwtTypes.RegistrationAccessToken Field
The "RegistrationAccessToken" JWT type is used in OAuth 2.0 Dynamic Client Registration for securely registering clients.
public const string RegistrationAccessToken = "registration+jwt";
Field Value
JwtTypes.TokenIntrospection Field
The "token introspection response" JWT type per RFC 9701 §5. The typ header equals this value so a
signed introspection response cannot be replayed as a different JWT class (RFC 8725 §3.11).
public const string TokenIntrospection = "token-introspection+jwt";