In an on-list discussion, I suggested using the JWT Assertion grant as a method of id token renewal:
In order to fulfil the parsing requirements of the JWT Bearer Assertion, the id_token would need a 'prn' field representing the user. Right now, this is a role being fulfilled by the 'user_id' field, and adding a 'prn' field (which I've done in my testing environment) with the same information would be needlessly redundant. However, it's the only field missing from the id_token being usable in a JWT Bearer Assertion, and it would be useful to be able to treat the id_token like a generic JWT in many circumstances.
Alternatively, this begs the question of why the id_token needs a 'user_id' field if JWT already defines something for this. I believe the answer is that the id_token definition predates JWT having the 'prn' field, but I'm not positive. I also believe that 'user_id' reads much better than 'prn' (unless you're a SAML nerd). I've never been a fan of JWT's short names, either, but that's beside the point.
Note that this is a distinct request from