How to set jti claim in JWT token generated by Spring authorization server?

Question

I am trying to integrate Spring Authorization server and was trying to generate the JWT token using client_credentials grant type. But while token introspection, I can observe that the token has following claims information:

{ "sub": "testClientAK2", "aud": "testClientAK2", "nbf": 1694598773, "scope": [ "System", "SelfManage" ], "iss": "http://localhost:9000", "exp": 1694599773, "iat": 1694598773 } and there is no jti set in the claims.

On debugging, I could observe that the method public Jwt generate(OAuth2TokenContext context) in JwtGenerator does not set the claim jti.

Is there any way to set the same in the token? Also, what is the difference between JwtGenerator and OAuth2AccessTokenGenerator in spring authorization server?

Thanks in advance

Answer 1

You can customize claims of the JWT according to example in the reference docs. Note that if you're only customizing claims, you only need to publish a OAuth2TokenCustomizer<JwtEncodingContext> @Bean (no need to publish a OAuth2TokenGenerator as well).

You can read about OAuth2TokenGenerator in the reference docs as well, which states:

The provided implementations are OAuth2AccessTokenGenerator, OAuth2RefreshTokenGenerator, and JwtGenerator. The OAuth2AccessTokenGenerator generates an "opaque" (OAuth2TokenFormat.REFERENCE) access token, and the JwtGenerator generates a Jwt (OAuth2TokenFormat.SELF_CONTAINED).