Layer7 API Management

Expand all | Collapse all

openid scope

  • 1.  openid scope

    Posted 06-29-2018 12:13 AM

    Hi There,am using the openid scope and i got the following jwt token which was decoded value pasted below.Am just wondering about the sub value which seems different because it supposed to be admin because i logged in with admin credentials.Pls advise how to decode the sub value,is there something else i got to do?

    "at_hash": "pePEiJA6EZ3nAuX-nv61bw",
    "sub": "863XMdOIZgz5vXarT9CmMDBdwUYtw4-MGxZ2EKtWuUc",
    "aud": "1cde994e-f35c-4a4f-a20f-12a1c99d8469",
    "acr": "0",
    "azp": "1cde994e-f35c-4a4f-a20f-12a1c99d8469",
    "auth_time": 1530244844,
    "iss": "",
    "exp": 1530331250,
    "iat": 1530244850,
    "nonce": "ekixqj036g4"

  • 2.  Re: openid scope

    Posted 12-18-2018 04:17 PM


    I have just added a response to this ticket thread:

    Unsupported type for the scope openid 



  • 3.  Re: openid scope

    Posted 01-01-2019 07:47 PM


    I added a comment to Unsupported type for the scope openid as well.

    In addition to my comment, the return of the /userinfo endpoint will look like,

       "region": "Space",
       "country": "NONE"}

    As mentioned, the user attributes are dummy values by default,

    but the 'sub', 'preferred_username' and 'user_role' are real,

    see the comments of /userinfo endpoint


    You can use the 'preferred_username' field.