Decode Okta ID_Token

bipinsmart · April 17, 2018, 5:22am

Hi ,
When I decode id_token received from Okta , its giving me payload details in claim . but when I extract kid from claims , its giving null. please assist.

JwtVerifier jwtVerifier = new JwtHelper()
.setIssuerUrl(issuerUrl)
.setAudience(audience) // defaults to ‘api://default’
.setConnectionTimeout(1000) // defaults to 1000ms
.setReadTimeout(1000) // defaults to 1000ms
.setClientId(clientID) // optional
.build();

		    Jwt jwt = jwtVerifier.decodeIdToken(jwtString, nounce);
			
		   System.out.println("kid: " + jwt.getClaims().get("kid") );

vijet · April 17, 2018, 1:58pm

Hi Bipin,

kid is not a claim that can be extracted from the jwt payload.
It is present in the jwt header to verify its signature and if you’re using okta jwt verifier, you don’t have to worry about kid or signature validation which is handled for you.

Take a look at the following standard claims supported by OIDC - http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

bipinsmart · April 18, 2018, 8:53am

Thanks a lot @vijet for clarification.

system · January 12, 2024, 9:51pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Accessing Claims through Java SDK OAuth/OIDC java	5	6027	September 13, 2017
Okta OpenID Connect Authentication for Red Hat Satellite/The Foreman OAuth/OIDC	2	3000	February 12, 2024
Kid in OIDC JWT doesn't match any in jwks_uri OAuth/OIDC	6	388	November 1, 2024
OAuth2.0 Decode Access Token using Golang Questions	2	6178	January 26, 2024
OIDC Token Signature Validation Fails OAuth/OIDC	9	7780	October 11, 2017

Decode Okta ID_Token

Related topics