Text from the page:
the extent of which is determined and controlled by the Customer in thier sole discretion.
Categories of Data Subjects
Customer may
Text from the page:
of an ID token:
Open menu
Here’s a quick description of the fields:
iss (Issuer):
Indicates the issuer of the token, in this case, "https
Text from the page:
it’s important to balance security, user experience, and admin / implementor experience. All IAM needs to be easily intelligible to
Text from the page:
provides the expiration time.
`iat` specifies when it was created.
`iss` functions as a signature, telling us the entity that issued it
Text from the page:
policies like refresh token rotation after a certain time period.
`iss` (Issuer):
This is the signature of the issuing entity, which
Text from the page:
roadmap (stay tuned for more details in the coming weeks).
Perhaps themost interesting thing we learned is the
merging of worlds between
Text from the page:
When an API or microservice receives a JWT, it first checks the
iss
claim to ensure the token was issued by a trusted OIDC provider
Text from the page:
token expires
iat (Issued At)
: Time at which the token was issued
iss (Issuer)
: The entity that issued the token
rexp
: The access
Text from the page:
modified the registration handler, you’ll need to allow your users to to sign in with Descope with a button on the Salesforce login
Text from the page:
using Descope as a federated IdP, the users will not automatically merge together. This means that if a user logs in with Descope and
Text from the page:
expiry time can help minimize the risk, there’s still a window of time where a token is valid after the user’s session has ended. By
Text from the page:
lookup, and the blacklist needs to be maintained, cleaned up, and synched.
The performance hit can be justified for use cases where
Text from the page:
Descope authentication flow first, and when logged in, it renders a questions list. The questions list component sends a request to the