misleading information on jwt fields · dwyl/learn-json-web-tokens#94

(1 comment) (3 reactions) (0 assignees)JavaScript (4,175 stars) (267 forks)batch import

enhancementhelp wanted

Description

sub: subject of the token (rarely used)

Sub should be your userID, and you should use it as such.

those fields are used in openId and it is a good idea to at least mention it and update at least the mandatory fields.

sub REQUIRED. Subject Identifier. A locally unique and never reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client, e.g., 24400320 or AItOawmwtWwcT0k51BayewNvutrJUqsvl6qs7A4. It MUST NOT exceed 255 ASCII characters in length. The sub value is a case sensitive string.

your users will change names and such, but the ID will stay constant. This is a very very very important field.

Contributor guide

Tech stack: javascript
Domain: documentation
Issue type: documentation
Difficulty: 2
Estimated time: under 1 hour
Activity status: fresh
Clarity: clear
Prerequisites: basic understanding of JWT
Newbie friendliness: 90
Research direction: Locate the file containing the misleading 'sub: subject of the token (rarely used)' line (likely in a documentation file such as README.md). Replace it with an accurate description based on the OpenID Connect specification, emphasizing that 'sub' is a REQUIRED field representing a unique identifier for the user. Ensure the update includes the full spec quote provided in the issue. No code changes are needed; this is a pure documentation fix.