Reserved claims

Reserved claims are the ones defined by the JWT standard. They are as follows:

• iat: Issued at the time
• iss: Issuer name
• sub: Subject text
• aud: Audience name
• exp: Expiration time

For example, the server, while generating a token, can set an exp claim in the payload. The client then uses that token to access API resources. The server validates the token each time. When the expiration time is passed, the server will no longer validate the token. The client needs to generate a new token by logging in again.