I have a F5 as oauth authorization server with logon page and with AD query and we recieve the user information from AD which are then stored in oauth claims variables. Inside the oauth profile and client applicaiton we have defined the claims (user information) to be used. The purpose it to receive the JWT with claim information included.
With that we test and receive the authorization code and afterwards use this authorization code to retrieve the JWT from the F5 oauth authorization server. The problem is that the F5 does not reply with the claims information inside the JWT. Only the access token and refresh token are present.
So first request we do is authorization code retrieval
>> result is that we receive the authorization code
With this in Postman we send the following as a POST with form data (including the authorization code) but we dont receive claim information inside the JWT. The logs of the APM session indicate the oauth claim information has been collected but none of that is included inside the JWT response payload. There are no error messages inside the APM logs.
How do we make sure that claim information is included in the JWT response payload?