API Token Format and Claims

The API token is a JSON Web Token (JWT). To learn more about the JWT token format, read the Introduction to JSON Web Tokens.

The Security Cloud Control API token provides the following set of claims:

• id - user/device uid

• parentId - tenant uid

• ver - the version of the public key (initial version is 0, for example, cdo_jwt_sig_pub_key.0)

• subscriptions - Security Services Exchange subscriptions (optional)

• client_id - "api-client"

• jti - token id