iSHARE Developer Portal
Other resources
Version 2.1 (current version)
Version 2.1 (current version)
  • Welcome to the iSHARE Developer Portal
  • Introduction
    • Getting started
      • Test certificates
      • Test participants
      • Postman collections
    • Release info
    • Help & support
    • Specific technical standards
      • JSON Web Token (JWT)
      • OAuth 2.0
      • OpenID Connect 1.0
      • PKI
      • TLS
      • XACML 3.0
      • Caching
      • DID
      • UTC
      • X.509
      • HTTP response codes
    • UI Guidelines
    • Conformance test tool
  • Roles
    • Roles
  • All roles (common endpoints)
    • Access token (M2M)
    • Capabilities
  • Authorisation Registry Role
    • Getting started
    • Access token (M2M)
    • Capabilities
    • Delegation
    • Delegation Policy
  • Entitled Party
    • Getting started
  • Identity Provider
    • Getting started
    • Authorize
    • Login
    • Access token
    • User info
    • Capabilities
  • Participant Registry role
    • Getting started
    • Access token (M2M)
    • Capabilities
    • Parties
    • Parties (single party)
    • Trusted list
    • Versions
    • Data Spaces
    • Create Entitled Party / Service Consumer
  • Service Consumer Role
    • Getting started
  • Service Provider Role
    • Getting started
      • Service
    • Access token (M2M)
    • Capabilities
    • Return
  • Reference
    • iSHARE JWT
      • Client Assertion
    • Authentication
    • Authorization
    • Authorisation rules
Powered by GitBook
LogoLogo

  • Cookie Policy

  • Privacy Policy

  • Imprint

  • Contact Us

Copyright © 2024 iSHARE Foundation

On this page
  1. Introduction
  2. Specific technical standards

JSON Web Token (JWT)

PreviousSpecific technical standardsNextOAuth 2.0

Last updated 2 months ago

A JSON Web Token (JWT) is used when non-repudiation between parties is required. A statement, of which the data is encoded in JSON, is digitally signed to protect the authenticity and integrity of the statement.

iSHARE uses signed JWTs in the following ways:

  1. In a request for an OAuth Access Token or an OpenID Connect ID token the client sends a signed JWT. The client is authenticated based on the verification of the JWT's signature.

  2. Delegation evidence is presented as a signed JWT. The signature of the Authorization Registry or Entitled Party provides proof to other parties.

  3. In a response from a server iSHARE metadata is presented as a signed JWT. The signature is used to bind the iSHARE metadata (such as license information) in the JWT to the content of the response.

  4. A service from an iSHARE Service Provider MAY require a request to be signed.

On the generic requirements for a signed iSHARE JWT are specified.

this page