The payload of a JSON web token contains the claims. Claims are statements about the entity being authenticated (for example, the entity may be a user). There are three types of claims:

• Registered
• Public
• Private

Registered claims are claims that have been predefined. They are not required but represent common claims that may be useful. Some examples of registered claims include:

• Issuer (iss): Issuer of the token
• Subject (sub): Subject of the token; claims are typically statements about the subject
• Audience (aud): Intended recipients of the token
• JWT ID (jti): Unique identifier for the token
• Issued at (iat): Timestamp representing when the token was issued; it can be used to determine the age of the token
• Expiration time (exp): ...