In a JSON Web Token (JWT), thesub(subject) claim represents the unique identifier of the user. It is a standard claim defined in the JWT specification (RFC 7519) and is used to identify the principal (user) that is the subject of the token. Thesubclaim is mandatory in many identity protocols, including OpenID Connect (OIDC), where it serves as the UID of the user.
Option A: Incorrect. Thekid(key ID) is used to identify the cryptographic key used to sign the token, not the user.
Option B: Incorrect. Theidclaim is not a standard JWT claim and is not used to represent the UID of the user.
Option C: Incorrect. TheuserKeyis not a standard JWT claim and does not represent the UID of the user.
Option D: Correct. Thesubclaim is the standard attribute in a JWT that represents the UID of the user.
References:
JSON Web Token (JWT) RFC 7519
OpenID Connect Core Specification
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit