Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

F5 APM Oauth authorisation server openID userinfo

AlexS_yb
Cirrocumulus
Cirrocumulus

‎01-Jun-2022 23:54

Hi

Wondering how I add a AZP field to a userinfo request.

I have audiences added and seems like the developer lib they are using need a AZP if there are multiple entires in a audience field on a userinfo request !

I would rather send JWK than json's

 

Labels:
0 Kudos
1 REPLY 1

AlexS_yb
Cirrocumulus
Cirrocumulus
In response to Mollie255

‎02-Jun-2022 01:54

This is what we have been working off

https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation 

 

point #4

If the ID Token contains multiple audiences, the Client SHOULD verify that an azp Claim is present.

F5 APM is sending userinfo JSON/JWT with aud with multiple values - but no AZP 

 

0 Kudos
Copyright © 2023 Khoros, LLC