Skip to content
Advertisement

In a Python Flask JWT, what is `sub`?

Here is an example JWT generated using the Flask-JWT-Extended library in Python 3:

{
    exp: 1628670229,
    fresh: false,
    iat: 1628666629,
    jti: "4ded281c-90a1-4a46-9360-2cbb7ac47926",
    nbf: 1628666629,
    sub: "17884f96-d4d5-43bd-9add-734340b761ac",
}

I can find documentation on all of these key/value pairs, except for sub. What is it?

Advertisement

Answer

According to the JWT spec, sub is a Subject claim:

The “sub” (subject) claim identifies the principal that is the subject of the JWT. The claims in a JWT are normally statements about the subject. The subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique. The processing of this claim is generally application specific. The “sub” value is a case-sensitive string containing a StringOrURI value. Use of this claim is OPTIONAL.

Flask-JWT-Extended’s documentation says it’s the default key used to store the identity (user ID).

JWT_IDENTITY_CLAIM
The claim in a JWT that is used as the source of identity. Default: "sub"

User contributions licensed under: CC BY-SA
8 People found this is helpful
Advertisement