Layer7 API Management

Expand all | Collapse all

openid scope

  • 1.  openid scope

    Posted 06-29-2018 12:13 AM

    Hi There,am using the openid scope and i got the following jwt token which was decoded value pasted below.Am just wondering about the sub value which seems different because it supposed to be admin because i logged in with admin credentials.Pls advise how to decode the sub value,is there something else i got to do?

    {
    "at_hash": "pePEiJA6EZ3nAuX-nv61bw",
    "sub": "863XMdOIZgz5vXarT9CmMDBdwUYtw4-MGxZ2EKtWuUc",
    "aud": "1cde994e-f35c-4a4f-a20f-12a1c99d8469",
    "acr": "0",
    "azp": "1cde994e-f35c-4a4f-a20f-12a1c99d8469",
    "auth_time": 1530244844,
    "iss": "https://ssg93.mydmn.com:8443/connect",
    "exp": 1530331250,
    "iat": 1530244850,
    "nonce": "ekixqj036g4"
    }



  • 2.  Re: openid scope

    Posted 12-18-2018 04:17 PM

    Hello!

    I have just added a response to this ticket thread:

    Unsupported type for the scope openid 

    Regards,

    Sascha



  • 3.  Re: openid scope

    Posted 01-01-2019 07:47 PM

    Hello,

    I added a comment to Unsupported type for the scope openid as well.

    In addition to my comment, the return of the /userinfo endpoint will look like,

    {
    "sub":"Cxzv0mnBaOQIoh8qkC76pMxsqsjqiDXpZhP4_BbaOPk",
    "name":"Darth",
    "family_name":"Vader",
    "nickname":"Master-of-the-dark-force",
    "preferred_username":"admin",
    "email":"darth.vader@deathstar.space",
    "phone_number":"+1-555-123-1234",
    "address":{
       "region": "Space",
       "country": "NONE"}
    }

    As mentioned, the user attributes are dummy values by default,

    but the 'sub', 'preferred_username' and 'user_role' are real,

    see the comments of /userinfo endpoint

     

    You can use the 'preferred_username' field.