CBOR Web Token (CWT) Claims Created 2018-03-22 Last Updated 2021-08-31 Available Formats [IMG] XML [IMG] HTML [IMG] Plain text Registries included below * CBOR Web Token (CWT) Claims * CWT Confirmation Methods CBOR Web Token (CWT) Claims Expert(s) Mike Jones, Hannes Tschofenig, Chuck Mortimore, Ludwig Seitz Reference [RFC8392] Note Registration requests should be sent to the mailing list described in [RFC8392]. Available Formats [IMG] CSV Range Registration Procedures Integer values from -256 to 255 Standards Action Integer values from -65536 to -257 Specification Required Integer values from 256 to 65535 Specification Required Integer values greater than 65535 Expert Review Strings of length 1 Standards Action Strings of length 2 Specification Required Strings of length greater than 2 Expert Review Claim Name Claim Description JWT Claim Name Claim Key Claim Value Type Change Controller Reference Reserved for less than [RFC8392] Private Use -65536 Unassigned -65536 to -261 hcert Health Certificate hcert -260 map [European_eHealth_Network] [Electronic Health Certificate Specification] EUPHNonce Challenge Nonce EUPHNonce -259 bstr [FIDO_Alliance] [FIDO Device Onboard Specification] Signing prefix for multi-app [FIDO Device Onboard EATMAROEPrefix restricted operating EATMAROEPrefix -258 bstr [FIDO_Alliance] Specification] environments EAT-FDO EAT-FDO may contain related EAT-FDO -257 array [FIDO_Alliance] [FIDO Device Onboard to FIDO Device Onboarding Specification] Unassigned -256 to -1 Reserved This registration reserves 0 [IESG] [RFC8392] the key value 0 iss Issuer iss 1 text string [IESG] [RFC8392] sub Subject sub 2 text string [IESG] [RFC8392] aud Audience aud 3 text string [IESG] [RFC8392] integer or exp Expiration Time exp 4 floating-point [IESG] [RFC8392] number integer or nbf Not Before nbf 5 floating-point [IESG] [RFC8392] number integer or iat Issued At iat 6 floating-point [IESG] [RFC8392] number cti CWT ID jti 7 byte string [IESG] [RFC8392] cnf Confirmation cnf 8 map [IESG] [RFC8747] scope The scope of an access token scope 9 byte string or [IESG] [RFC8693, Section 4.2] as defined in [RFC6749]. text string Unassigned 10 to 37 ace_profile The ACE profile a token is ace_profile 38 integer [IETF] [RFC-ietf-ace-oauth-authz-45, supposed to be used with. Section 5.10] cnonce The client-nonce sent to the cnonce 39 byte string [IETF] [RFC-ietf-ace-oauth-authz-45, AS by the RS via the client. Section 5.10] The expiration time of a exi token measured from when it exi 40 integer [IETF] [RFC-ietf-ace-oauth-authz-45, was received at the RS in Section 5.10.3] seconds. Unassigned 41 to 65535 CWT Confirmation Methods Registration Procedure(s) Specification Required Expert(s) Ludwig Seitz, Mike Jones Reference [RFC8747] Note Registration requests should be sent to the mailing list described in [RFC8747]. Available Formats [IMG] CSV Confirmation Method JWT Confirmation Confirmation Change Name Confirmation Method Description Confirmation Key Value Type Controller Reference Method Name COSE_Key COSE_Key Representing Public Key jwk 1 COSE_Key [IESG] [RFC8747, Section 3.2] structure COSE_Encrypt or COSE_Encrypt0 structure (with Encrypted_COSE_Key Encrypted COSE_Key jwe 2 an optional [IESG] [RFC8747, Section 3.3] corresponding COSE_Encrypt or COSE_Encrypt0 tag) kid Key Identifier kid 3 binary string [IESG] [RFC8747, Section 3.4] OSCORE_Input_Material carrying the osc parameters for using OSCORE osc 4 map [IETF] [RFC-ietf-ace-oscore-profile-19, per-message security with implicit key Section 3.2.1] confirmation Contact Information ID Name Contact URI Last Updated [European_eHealth_Network] European eHealth Network mailto:jakob&kirei.se 2021-04-15 [FIDO_Alliance] FIDO Alliance mailto:iana-request&fidoalliance.org 2021-03-05 [IESG] IESG mailto:iesg&ietf.org 2018-05-04 [IETF] IETF mailto:iesg&ietf.org