Struct AuthClaims 

pub struct AuthClaims {

    pub issuer: Option<String>,
    pub subject: Option<String>,
    pub audience: Option<Audience>,
    pub expiration: Option<i64>,
    pub not_before: Option<i64>,
    pub issued_at: Option<i64>,
    pub jwt_id: Option<String>,
    pub scope: Option<String>,
    pub client_id: Option<String>,
    pub confirmation: Option<Value>,
    pub auth_time: Option<i64>,
    pub authorized_party: Option<String>,
    pub actor: Option<Value>,
    pub session_id: Option<String>,
    pub name: Option<String>,
    pub given_name: Option<String>,
    pub family_name: Option<String>,
    pub middle_name: Option<String>,
    pub nickname: Option<String>,
    pub preferred_username: Option<String>,
    pub profile: Option<String>,
    pub picture: Option<String>,
    pub website: Option<String>,
    pub email: Option<String>,
    pub email_verified: Option<bool>,
    pub gender: Option<String>,
    pub birthdate: Option<String>,
    pub zoneinfo: Option<String>,
    pub locale: Option<String>,
    pub phone_number: Option<String>,
    pub phone_number_verified: Option<bool>,
    pub address: Option<Address>,
    pub updated_at: Option<i64>,
    pub object_id: Option<String>,
    pub tenant_id: Option<String>,
    pub user_principal_name: Option<String>,
    pub roles: Option<Vec<String>>,
    pub groups: Option<Vec<String>>,
    pub application_id: Option<String>,
    pub unique_name: Option<String>,
    pub version: Option<String>,
}

Represents a combined set of JWT, OAuth 2.0, OIDC, and provider-specific claims.

Fields

issuer: Option<String>

Issuer - Identifies the authorization server that issued the token (JWT: iss).

subject: Option<String>

Subject - Unique identifier for the user or client (JWT: sub).

audience: Option<Audience>

Audience - Identifies the intended recipients, can be a string or array (JWT: aud).

expiration: Option<i64>

Expiration Time - Unix timestamp when the token expires (JWT: exp).

not_before: Option<i64>

Not Before - Unix timestamp when the token becomes valid (JWT: nbf).

issued_at: Option<i64>

Issued At - Unix timestamp when the token was issued (JWT: iat).

jwt_id: Option<String>

JWT ID - Unique identifier for the token to prevent reuse (JWT: jti).

scope: Option<String>

Scope - Space-separated list of scopes authorized for the token.

client_id: Option<String>

Client ID - ID of the OAuth client that obtained the token.

confirmation: Option<Value>

Confirmation - Provides key binding info (e.g., cnf.jkt for PoP tokens).

auth_time: Option<i64>

Authentication Time - Unix timestamp when the user was authenticated.

authorized_party: Option<String>

Authorized Party - The party to which the token was issued.

actor: Option<Value>

Actor - Used for delegated authorization (on behalf of another party).

session_id: Option<String>

Session ID - Links the token to a specific user session (for logout, etc.).

name: Option<String>

User’s full name.

given_name: Option<String>

User’s first name.

family_name: Option<String>

User’s last name.

middle_name: Option<String>

User’s middle name.

nickname: Option<String>

Casual name of the user.

preferred_username: Option<String>

Preferred username (often login name).

profile: Option<String>

URL of the user’s profile page.

picture: Option<String>

URL of the user’s profile picture.

website: Option<String>

URL of the user’s website.

email: Option<String>

User’s email address.

email_verified: Option<bool>

Whether the email has been verified.

gender: Option<String>

User’s gender.

birthdate: Option<String>

User’s date of birth (e.g., “YYYY-MM-DD”).

zoneinfo: Option<String>

User’s time zone (e.g., “America/New_York”).

locale: Option<String>

User’s locale (e.g., “en-US”).

phone_number: Option<String>

User’s phone number.

phone_number_verified: Option<bool>

Whether the phone number has been verified.

address: Option<Address>

User’s structured address.

updated_at: Option<i64>

Last time the user’s information was updated (Unix timestamp).

object_id: Option<String>

Object ID of the user or service principal (Entra ID).

tenant_id: Option<String>

Tenant ID (directory ID) (Entra ID).

user_principal_name: Option<String>

User Principal Name (login, e.g., user@domain) (Entra ID).

roles: Option<Vec<String>>

Assigned roles (Entra ID).

groups: Option<Vec<String>>

Azure AD groups (GUIDs) (Entra ID).

application_id: Option<String>

Application ID (same as client_id) (Entra ID).

unique_name: Option<String>

Unique name (e.g., user@domain) (Entra ID).

version: Option<String>

Token version (e.g., “1.0” or “2.0”) (Entra ID).

Trait Implementations

impl Clone for AuthClaims

fn clone(&self) -> AuthClaims

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AuthClaims

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for AuthClaims

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for AuthClaims

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.