Token Payload Insights

Explore the Fields within the Token Payloads

In the previous section, we've reviewed the token structure and the process of decoding the payload into JSON.

Now, let's dive into the specifics of the payload JSON fields. Both tokens share common fields such as token ID, issue and expiration dates, issuer, and more:

Field name

Description

Value example

exp

Expiration time (seconds since Unix epoch)

1643666400

iat

Issued at (seconds since Unix epoch)

1640988000

auth_time

Time when authentication occurred

1640988000

jti

JWT ID (a unique identifier for this token)

33fe7266-d966-4e48-b563-9ecae7c1e751

iss

The issuer who created and signed this token

aud

Target audience (who the tokens are for)

sub

Who the token refers to (User ID)

916e0e2e-46d9-4b80-8856-dd9fedb1b723

typ

The type of a token

'Refresh' for refresh token 'Bearer' for access token

azp

Authorized party (clientID to which the token was issued)

client-service-app

scope

Scopes

openid email keys auth

sid

Session ID

995c78ad-ebfe-4aaf-97bd-1948ec19d371

The content of access tokens can vary based on the parameters specified during the authorization flow, allowing clients to request specific user information.

For example, access tokens may contain additional user-specific data, including email addresses and wallet details. Here are some common examples (specific fields related to specific flows are detailed in their respective sections):

Field Name

Description

Value example

wallet_address

User wallet address

0x…

wallet_chain_id

Wallet chain ID

email_verified

Represents either user verified email

true

email

User email

user@gmail.com

In the following sections, we will delve into the processes of obtaining both the access and refresh tokens.

PreviousToken Structure NextToken Retrieval

Last updated 1 year ago

Token Payload Insights

Explore the Fields within the Token Payloads

In the previous section, we've reviewed the token structure and the process of decoding the payload into JSON.

Now, let's dive into the specifics of the payload JSON fields. Both tokens share common fields such as token ID, issue and expiration dates, issuer, and more:

Field name

Description

Value example

exp

Expiration time (seconds since Unix epoch)

1643666400

iat

Issued at (seconds since Unix epoch)

1640988000

auth_time

Time when authentication occurred

1640988000

jti

JWT ID (a unique identifier for this token)

33fe7266-d966-4e48-b563-9ecae7c1e751

iss

The issuer who created and signed this token

aud

Target audience (who the tokens are for)

sub

Who the token refers to (User ID)

916e0e2e-46d9-4b80-8856-dd9fedb1b723

typ

The type of a token

'Refresh' for refresh token 'Bearer' for access token

azp

Authorized party (clientID to which the token was issued)

client-service-app

scope

Scopes

openid email keys auth

sid

Session ID

995c78ad-ebfe-4aaf-97bd-1948ec19d371

The content of access tokens can vary based on the parameters specified during the authorization flow, allowing clients to request specific user information.

Field Name

Description

Value example

wallet_address

User wallet address

0x…

wallet_chain_id

Wallet chain ID

email_verified

Represents either user verified email

true

email

User email

user@gmail.com

In the following sections, we will delve into the processes of obtaining both the access and refresh tokens.

PreviousToken Structure NextToken Retrieval

Last updated 1 year ago