Ch 11-(2020-03-23) JWT expiration set from 4 hrs to 2 hrs.
Changes made on 2020-03-23 are delineated below.
Additions are underlined in Green. Deletions are underlined in Red. Modifications are underlined in Blue.
Change occurred on https://cardinaldocs.atlassian.net/wiki/spaces/CC/pages/196850 & https://cardinaldocs.atlassian.net/wiki/spaces/CC/pages/131806#GettingStarted-Step1:JWTCreation.
Optional Claims
The following claims are available for use but are not currently required for a valid JWT:
Claim Names | Description |
|---|---|
ReferenceId | This is a merchant supplied identifier that can be used to match up data collected from Cardinal Cruise and Centinel. Centinel can then use data collected to enable rules or enhance the authentication request. |
ObjectifyPayload | A boolean flag that indicates how Centinel Api should consume the Payload claim. When set to true, this tells Centinel Api the Payload claim is an object. When set to false, the Payload claim is a stringified object. Some Jwt libraries do not support passing objects as claims, this allows those who only allow strings to use their libraries without customization |
exp | Expiration - The numeric epoch time that the JWT should be consider expired. This value is ignored if its larger than 2 hrs. By default we will not consider any JWT older than 2 hrs. |