Documentation

JwtClaims

mcp auth jwt

A general-purpose set of JWT claims for an ES256 access token, as a typed alternative to hand-concatenating JSON. Unlike makeClientAssertion (which is fixed to RFC 7523 client-assertion shape with iss==sub==clientId), this lets the issuer, subject, audience and scope vary independently. String claims are populated into the payload via Json, so they are escaped rather than interpolated. Empty iss/aud/sub/scope/kid are omitted; the time claims (iat/nbf/exp) are emitted only when non-zero.

@safe
struct JwtClaims {
string iss;
string aud;
string sub;
string scope_;
long iat;
long nbf;
long exp;
string kid;
}

Members

Variables

aud
string aud;

aud — intended audience / resource (omitted if empty).

exp
long exp;

exp — expiry (seconds since epoch; omitted if 0).

iat
long iat;

iat — issued-at (seconds since epoch; omitted if 0).

iss
string iss;

iss — token issuer (omitted if empty).

kid
string kid;

JWS kid header parameter (omitted if empty).

nbf
long nbf;

nbf — not-before (seconds since epoch; omitted if 0).

scope_
string scope_;

scope — space-delimited granted scopes (omitted if empty).

sub
string sub;

sub — subject the token represents (omitted if empty).

mcp auth jwt functionsmanifest constantsstructs
Page generated by adrdox