The Json Web Token, or JWT, is a terse representation of a pair of JSON objects: the header, and the payload. The JWT can be encoded as a Json Web Signature (JWS), in which case the header is encoded to base64 with the URL alphabet, and without padding characters, the payload is also encoded to base64, and the concatenation of the encoding of the header, a dot, and the encoding of the payload is signed with some cryptography algorithm. In the following, we will only be interested by public-key cryptography. The concatenation of header, dot, payload, dot and signature in base64 is the encoding of the JWT.
|• Tokens issued by an OIDC provider|
|• Date verification for tokens|
|• Single-use tokens|
|• ID tokens|
|• Access tokens|
|• DPoP proofs|
|• Authorization codes|