2.2.3.1 ID Token
The ID Token is a JSON Web Token (JWT) that contains claims about the authentication of an end user as described in [OIDCCore] section 2.
The OpenID Connect 1.0 Protocol Extensions extend ID Token by adding a number of claims. See [OIDCCore] section 2 for definitions of the standard claims. The extended claims are defined as follows.
upn: OPTIONAL. The user principal name (UPN) of the end user represented in this ID Token.
unique_name: REQUIRED. A locally unique identifier within the Issuer for the end user. This is like the sub claim ([OIDCCore] section 2), but the value provided is always consistent across all clients, like a public subject identifier ([OIDCCore] section 8).
pwd_exp: OPTIONAL. An integer that expresses the number of seconds until the expiration of the end user's password or a similar authentication secret, such as a PIN.
pwd_url: OPTIONAL. The URL at which the end user can change their password or similar authentication secret.