DefaultClaims returns the default claims of any token.

GenerateKeyID returns the SHA256 of a public key.

NewClaims returns the default claims with the given options added.

Parse parses the given token verifying the signature with the key.

ParseInsecure parses the given token.

WithAudience returns a Options that sets the audience to use in the token claims.

WithClaim is an Options function that adds a custom claim to the JWT.

WithConfirmationFingerprint returns an Options function that sets the cnf claim with the given CSR fingerprint.

WithFingerprint returns an Options function that the cnf claims with "x5rt#S256" representing the fingerprint of the CSR.

WithIssuer returns an Options function that sets the issuer to use in the token claims.

WithJWTID returns a Options that sets the jwtID to use in the token claims.

WithKid returns a Options that sets the header kid claims.

WithNebulaCert returns a Options that sets the nebula header.

WithRootCA returns an Options function that calculates the SHA256 of the given root certificate to be used in the token claims.

WithSANS returns an Options function that sets the list of required SANs in the token claims.

WithSHA returns an Options function that sets the SHA claim to the given value.

WithSSH returns an Options function that sets the step claim with the ssh property in the value.

WithSSHPOPFile returns a Options that sets the header sshpop claims.

WithStep returns an Options function that sets the step claim in the payload.

WithSubject returns an Options that sets the subject to use in the token claims.

WithValidity validates boundary inputs and sets the 'nbf' (NotBefore) and 'exp' (expiration) options.

WithX5CCerts returns a Options that sets the header x5c claims from a cert in memory.

WithX5CFile returns a Options that sets the header x5c claims.

WithX5CInsecureCerts returns a Options that sets the header x5cAllowInvalid claims using the cert in memory.

WithX5CInsecureFile returns a Options that sets the header x5cAllowInvalid claims.

Amazon Web Services.

Microsoft Azure.

ConfirmationClaim is the property name for a JWT claim that stores a JSON object used as Proof-Of-Possession.

DefaultAudience when generating tokens.

DefaultIssuer when generating tokens.

DefaultValidity token validity duration.

Google Cloud Platform.

Smallstep JWK.

Kubernetes Service Account.

MaxValidity token validity token duration.

MaxValidityDelay allowable delay between Now and beginning of token validity period.

MinValidity token validity token duration.

Nebula, a JWT with nebula header.

OpenID Connect.

RootSHAClaim is the property name for a JWT claim that stores the SHA256 of a root certificate.

SANSClaim is the property name for a JWT claim that stores the list of required subject alternative names.

StepClaim is the property name for a JWT claim the stores the custom information in the certificate.

Token types supported.

Smallstep JWK with x5c header.

AWSAmazonPayload represents the Amazon payload for a AWS token.

AWSInstanceIdentityDocument is the JSON representation of the instance identity document.

AzurePayload contains the information in the xms_mirid claim.

Claims represents the claims that a token might have.

GCPComputeEnginePayload represents the Google ComputeEngine payload in GCP.

GCPGooglePayload represents the Google payload in GCP.

JSONWebToken represents a JSON Web Token (as specified in RFC7519).

Payload represents public claim values (as specified in RFC 7519).

Token interface which all token types should attempt to implement.

Options is a function that set claims.

Type indicates the token Type.