Closed iperdomo closed 5 years ago
A JWT in OpenID Connect can have other claims that are time related, we need to validate them if present.
exp
nbf
iat
A JWT in OpenID Connect can have other claims that are time related, we need to validate them if present.
exp
(expiration time): The current time MUST be before the time represented by the exp Claim.nbf
(not before) - start of the validity periodiat
(issued at) - The iat Claim can be used to reject tokens that were issued too far away from the current time