cancel
Showing results for 
Search instead for 
Did you mean: 

APM OAUTH2 JWT Token claims not included

Marvin
Cirrostratus
Cirrostratus

Hi All,

 

I have a F5 as oauth authorization server with logon page and with AD query and we recieve the user information from AD which are then stored in oauth claims variables. Inside the oauth profile and client applicaiton we have defined the claims (user information) to be used. The purpose it to receive the JWT with claim information included.

 

With that we test and receive the authorization code and afterwards use this authorization code to retrieve the JWT from the F5 oauth authorization server. The problem is that the F5 does not reply with the claims information inside the JWT. Only the access token and refresh token are present.

 

So first request we do is authorization code retrieval

 

https://myoauthserver/f5-oauth2/v1/authorize?response_type=code&state=&client_id=0b51e9d9af7a6340929...

 

>> result is that we receive the authorization code

 

With this in Postman we send the following as a POST with form data (including the authorization code) but we dont receive claim information inside the JWT. The logs of the APM session indicate the oauth claim information has been collected but none of that is included inside the JWT response payload. There are no error messages inside the APM logs.

 

 How do we make sure that claim information is included in the JWT response payload?

 

Version is 13.1

 

 

0691T000008cm8kQAA.jpg

0 REPLIES 0