ID Token Structure

follow the JSON Web Token (JWT) standard, which means that their basic structure conforms to the typical JWT Structure, and they contain standard JWT Claims asserted about the token itself. Beyond what is required for , ID tokens also contain claims asserted about the authenticated user, which are pre-defined by the Connect (OIDC) protocol, and are thus known as standard OIDC claims. Some standard OIDC claims include:

name
nickname
picture
email
email_verified

For a full list of standard OIDC claims, see OIDC specification: Standard Claims. You can also create custom claims, which are claims that you define, control, and add to a token using Auth0 Actions. You control which OIDC claims are included in the ID token consumed by your application by including specific OpenID Connect Scopes in a parameter when you request tokens while authenticating users. To learn how to request an ID token, see Get ID Tokens.

Sample ID Token

This example shows the contents of an ID token. Notice that the value (located in the aud claim) is set to the application’s identifier, which means that only this specific application should consume the token. To learn more about the claims in this example, read JSON Web Token Claims.

{
  "iss": "http://my-domain.auth0.com",
  "sub": "auth0|123456",
  "aud": "my_client_id",
  "exp": 1311281970,
  "iat": 1311280970,
  "name": "Jane Doe",
  "given_name": "Jane",
  "family_name": "Doe",
  "gender": "female",
  "birthdate": "0000-10-31",
  "email": "janedoe@example.com",
  "picture": "http://example.com/janedoe/me.jpg"
}

Protect Your Application

Call APIs On User's Behalf

Protect Your Tenant

Compliance

Sample ID Token

Learn more

Protect Your Application

Call APIs On User's Behalf

Protect Your Tenant

Compliance

Documentation Index

​Sample ID Token

​Learn more

Sample ID Token

Learn more