9.1. OAuth Parameters Registration
9.1. OAuth Parameters Registration
Since the Request Object is a JWT, the core JWT claims cannot be used for any purpose in the Request Object other than for what JWT dictates. Thus, they have been registered as OAuth authorization request parameters to avoid future OAuth extensions using them with different meanings.
This specification adds the following values to the "OAuth Parameters" registry [IANA.OAuth.Parameters] established by [RFC6749].
| Name | Parameter Usage Location | Change Controller | Specification Document(s) |
|---|---|---|---|
iss | authorization request | IETF | This document and Section 4.1.1 of [RFC7519]. |
sub | authorization request | IETF | This document and Section 4.1.2 of [RFC7519]. |
aud | authorization request | IETF | This document and Section 4.1.3 of [RFC7519]. |
exp | authorization request | IETF | This document and Section 4.1.4 of [RFC7519]. |
nbf | authorization request | IETF | This document and Section 4.1.5 of [RFC7519]. |
iat | authorization request | IETF | This document and Section 4.1.6 of [RFC7519]. |
jti | authorization request | IETF | This document and Section 4.1.7 of [RFC7519]. |