Skip to content

txn claim example values should be strings #273

New issue
New issue
Closed
#277
Closed
txn claim example values should be strings#273
#277
@TakahikoKawasaki

Description

@TakahikoKawasaki
TakahikoKawasaki
opened on Jun 22, 2025

The SSF specification includes txn claim example values like below. Their values are integers.

{
  "jti": "123456",
  "iss": "https://transmitter.example.com",
  "aud": ["receiver.example.com/web", "receiver.example.com/mobile"],
  "iat": 1493856000,
  "txn": 8675309,
  "sub_id": {
    "format": "opaque",
    "id": "72e6991badb44e08a69672960053b342"
  },
  "events": {
    "https://schemas.openid.net/secevent/ssf/event-type/verification": {
      "state": "VGhpcyBpcyBhbiBleGFtcGxlIHN0YXRlIHZhbHVlLgo="
    }
  }
}

However, since Section 2.2. Core SET Claims of RFC 8417: Security Event Token (SET), a family spec of SSF, explains the txn claim as "An OPTIONAL string value" as below:

"txn" (Transaction Identifier) Claim

An OPTIONAL string value that represents a unique transaction identifier. In cases in which multiple related JWTs are issued, the transaction identifier claim can be used to correlate these related JWTs. Note that this claim can be used in JWTs that are SETs and also in JWTs using non-SET profiles.

txn claim example values in the SSF specification should be changed from integers to strings.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions