From a3ce893b1083d6a4c0b2a60f48743ea13c47a93e Mon Sep 17 00:00:00 2001
From: Hwangjae Lee <meetrick@gmail.com>
Date: Tue, 27 Jan 2026 13:57:28 +0900
Subject: [PATCH] docs: fix duplicate 'iat' typo in JWT claim description

Remove duplicate 'iat:' prefix in the JWT payload description.

The list item describing JWT timestamp claims had a redundant 'iat:'
prefix before 'iat, exp:', making it grammatically incorrect.

Before: "- iat: iat, exp: Timestamps for..."
After:  "- iat, exp: Timestamps for..."

Signed-off-by: Hwangjae Lee <meetrick@gmail.com>
---
 src/ap2/types/mandate.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ap2/types/mandate.py b/src/ap2/types/mandate.py
index c5506689..f8e12679 100644
--- a/src/ap2/types/mandate.py
+++ b/src/ap2/types/mandate.py
@@ -119,7 +119,7 @@ class CartMandate(BaseModel):
         2. Payload includes:
           - iss, sub, aud: Identifiers for the merchant (issuer)
             and the intended recipient (audience), like a payment processor.
-          - iat: iat, exp: Timestamps for the token's creation and its
+          - iat, exp: Timestamps for the token's creation and its
             short-lived expiration (e.g., 5-15 minutes) to enhance security.
           - jti: Unique identifier for the JWT to prevent replay attacks.
           - cart_hash: A secure hash of the CartMandate, ensuring