04-Mar-2021
11:44
- last edited on
04-Jun-2023
21:01
by
JimmyPackets
Hello everyone,
I'm new with F5 products.
For a client I have to implement an OpenID Connect system, at the end of the authentication the user is redirect to an app with the id_token :
https://ip_adresse_of_server/openid-connect?token=*************
Inside the access profile, I changed the endings with Redirect and put this URL :
https://ip_address_of_server/openid-connect/?token=%{session.oauth.client.last.id_token}
But when the application get the token it looks like the token is encoded, the id_token begin with $CK$$ and ends with == ; On the server-side (the app (not managed by me)) the error is :
{"errorCode":-1,"errorMessage":"Invalid Compact JWS"}
What is weird is that inside the logs of F5 I can see the id_token and use it with jwt.io to decode it, and verify the signature (with the cert).
Thank you in advance !