API Token Format and Claims

The API token is a JSON Web Token (JWT). To learn more about the JWT token format, read the Introduction to JSON Web Tokens.

The CDO API token provides the following set of claims:

• id - user/device uid

• parentId - tenant uid

• ver - the version of the public key (initial version is 0, for example, cdo_jwt_sig_pub_key.0)

• subscriptions - Security Services Exchange subscriptions (optional)

• client_id - "api-client"

• jti - token id