Validating xml with xsd in net
In this sense, the “bearer” is any party that can present the token.
Though authentication with Azure AD is required in order to receive a bearer token, steps must be taken to secure the token, to prevent interception by an unintended party.
A value of "0" indicates the end-user authentication did not meet the requirements of ISO/IEC 29115.
Example JWT Value: Provides object IDs that represent the subject's group memberships.
For more security considerations on bearer tokens, see RFC 6750 Section 5.
Many of the tokens issued by Azure AD are implemented as JSON Web Tokens, or JWTs.
Identifies the application that is using the token to access a resource.
The information contained in JWTs are known as "claims", or assertions of information about the bearer and subject of the token.
The claims in JWTs are JSON objects encoded and serialized for transmission.
Since the JWTs issued by Azure AD are signed, but not encrypted, you can easily inspect the contents of a JWT for debugging purposes.
Id_tokens are a form of sign-in security token that your app receives when performing authentication using Open ID Connect.
They are represented as JWTs, and contain claims that you can use for signing the user into your app.