openid / HEART / issues / #3 - "sub" in JWT — Bitbucket

Issue #3 resolved

Justin Richer created an issue 2016-03-11

Do we want to require sub in all JWTs? This could be privacy-leaking since it references a person not a software component.

Either make it optional or remove reference entirely.

Either way, the example doesn't include it.

Comments (1)

Justin Richer reporter
- changed status to resolved
- 2016-05-01T05:09:13+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: resolved

Component: –

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!