This document specifies conventions for creating JSON Web Token (JWT) documents that support selective disclosure of claim values.
Written in markdown for the mmark processor.
This is a GitHub repository for a draft specification in the IETF OAuth WG. For the latest published version of this IETF draft, please see https://datatracker.ietf.org/doc/html/draft-fett-selective-disclosure-jwt
For the current version in this repository, see main.md.
All examples in the document are created from actual running code. To run this code, install sd_jwt:
pip3 install .
You can read the inline documentation:
sd_jwt -h
You can then run the code (from the root of this repository):
sd_jwt sd_jwt/examples/simple.yml
sd_jwt sd_jwt/examples/simple_structured.yml
sd_jwt sd_jwt/examples/complex.yml
You can create your custom setting file creating a folder with a copy of
sd_jwt/demo_settings.py renamed to settings.py
and a __init__.py in it. Then run sd_jwt specifying the custom settings path:
sd_jwt sd_jwt/examples/simple.yml --settings-path ./custom_settings/
To update the examples in main.md, use the provided script:
./update-all-examples.sh
It calls the demos with the switch --replace-examples-in to replace the example code in
main.md and --no-randomness to ensure that the examples are always
generated in the same way (this minimizes the changes that need to be tracked).
The code creates a backup before modifying main.md in main.bak.
From the root of this repository, run
docker run -v `pwd`:/data danielfett/markdown2rfc main.md(see https://github.com/oauthstuff/markdown2rfc)
compile using mmark and xml2rfc: mmark main.md > draft.xml; xml2rfc --html draft.xml
- Python: Reference/Demo Implementation
- Kotlin: SD-JWT-Kotlin
- Rust: sd_jwt
- TypeScript: sd-jwt