JSON Web Token (JWT)

Glossary

Page created: 22 Sep 2020 |
Page updated: 3 Mar 2022
| 1 min read

An IETF standard container format for a JSON object used for the secure exchange of content, such as identity or entitlement information. To read the industry standard, see RFC 7519.

JSON Web Token (JWT)

JWT

Fast IDentity Online (FIDO)

Page created: 22 Sep 2020 |
Page updated: 21 Jul 2022
| 1 min read

A set of open technical specifications developed by the FIDO Alliance for strong authentication.

FIDO

fully-qualified domain name (FQDN)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

A domain name that specifies its exact location in the DNS tree hierarchy.

fully-qualified domain name (FQDN)

FQDN

grant type

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

The intermediate credentials that represent a resource owner authorization. Grant types are exchanged by the client with the OAuth authorization server in order to obtain an access token.

hardware security module (HSM)

Page created: 8 Nov 2022 |
Page updated: 8 Nov 2022
| 1 min read

A dedicated cryptographic processor designed to manage and protect digital keys. HSMs act as trust anchors that protect the cryptographic key lifecycle by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device.

hardware security module (HSM)

HSM

HTTP cookie

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

Information sent from a server to a web browser to identify a registered website user. Once the cookie is placed in the browser, it is sent back to the server to identify the user every time the user accesses the site.

HTTP header

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

A section of an HTTP request or response that conveys additional information relevant to the client or server in the transaction.

HTTP request

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

A client transaction sent over HTTP to the server specifying a request method (such as GET, POST, DELETE) to execute against a resource or resources on the server.

ID token

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

A JSON Web Token (JWT) containing an assertion of a user's identity and profile information signed by an OAuth authorization server using JSON Web Signature (JWS) and sent to an OAuth client. The ID token can be encrypted using JSON Web Encryption (JWE). The client receives the ID token after a successful user authentication. The client can extract user information from the token for its purposes.

identity federation

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

A trust agreement between or among organizations, implemented using accepted standards, to provide user-authentication tokens and other user or system attributes securely across domains, primarily to enable cross-domain SSO.

identity provider (IdP)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

A service that manages identity information and provides authentication services to relying clients or service providers (SPs) within a federated or distributed network.

identity provider (IdP)

IdP

identity as a service (IDaaS)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

Cloud-based authentication solutions for identity and access management (IAM).

identity as a service (IDaaS)

IDaaS

IdP-initiated SLO

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

An identity federation transaction in which the single-logout (SLO) operation is initiated on the identity provider (IdP). For example, the user is signed on to the IdP and signs off, triggering an SLO operation on the IdP, which sends the SLO information to the service provider (SP).

IdP-initiated SSO

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

An identity federation transaction in which the single sign-on (SSO) operation is initiated on the identity provider (IdP). For example, the user is signed on to the IdP and signs off, triggering an SSO operation on the IdP. The IdP sends the SSO information to the service provider (SP).

Internet Information Services (IIS)

Page created: 25 Mar 2021 |
Page updated: 21 Jul 2022
| 1 min read

Extensible web server software designed by Microsoft for use with the Windows N family.

IIS

inbound

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

A direction of message flow coming into a service. The type of message depends service's identity access management role.

Internet Protocol (IP)

Page created: 22 Sep 2020 |
Page updated: 21 Jul 2022
| 1 min read

The method by which data is sent across the Internet from the source host to the destination host.

IP

Integrated Windows authentication (IWA)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

Internet Information Services (IIS) authentication protocol for authenticated connections between IIS and other Microsoft services.

Integrated Windows authentication (IWA)

IWA

Java database connectivity (JDBC)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A Java API that allows Java programs to interact with databases.

Java database connectivity (JDBC)

JDBC

Java Development Kit (JDK)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A development environment for building applications and components using Java.

Java Development Kit (JDK)

JDK

Java KeyStore (JKS)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A repository of security certificates and corresponding private keys.

Java KeyStore (JKS)

JKS

Java Management Extensions (JMX)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

Java technology that provides tools for managing and monitoring applications, devices, system objects, and service-oriented networks.

Java Management Extensions (JMX)

JMX

Java Runtime Environment (JRE)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A software layer that provides the class libraries and resources needed for a Java program to run.

Java Runtime Environment (JRE)

JRE

Java Virtual Machine (JVM)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A virtual machine that allows a computer to run Java programs and programs that are compiled to Java bytecode.

Java Virtual Machine (JVM)

JVM

Javascript Object Notation (JSON)

Page created: 22 Sep 2020 |
Page updated: 21 Jul 2022
| 1 min read

An open, lightweight data-interchange format that uses human-readable text to store and transmit data.

JSON

JSON Web Algorithms (JWA)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

Registers cryptographic algorithms to be used with JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK).

JSON Web Algorithms (JWA)

JWA

JSON Web Encryption (JWE)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A signed and encrypted instance of a JSON Web Token (JWT) based on IETF standard syntax and used for the exchange of encrypted content.

JSON Web Encryption (JWE)

JWE

JSON Web Signature (JWS)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

A signed instance of a JSON Web Token (JWT) based on IETF standard syntax and used for the exchange of signed content.

JSON Web Signature (JWS)

JWS