ID token Size in OIDC implementation
search cancel

ID token Size in OIDC implementation

book

Article ID: 219940

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

Is there is any OIDC token size limitations on policy server end beyond which the data can not be passed in claims in id_token , if the  attribute can contain 50-100 entries.

 

Environment

Release : 12.8

Component : SITEMINDER -POLICY SERVER

Resolution

As per the JWT documentation RFC there is not upper limit for the token size but with respect to HTTP  Header cannot cross more then 8 KB in size as per the type of the webserver, like each webserver can handle the different header size limits.

Please refer the below RFC for more infromation.

https://www.rfc-editor.org/rfc/rfc7519.txt