Hi All, I think we need to add them in introspection result, since they were anyway present in AuthenticationResponse inside JWT.
@Gayan, How about the acr, amr ? Cheers, Ruwan On Mon, Aug 21, 2017 at 11:08 AM, Gayan Gunawardana <ga...@wso2.com> wrote: > Hi Indunil, > > Form token introspection response I can get below attributes. > > {"scope":"openid","active":true,"token_type":"Bearer"," > exp":1503061170,"iat":1503057570,"client_id":" > oRbEK6KkycbSLGxt3JHciaitPzoa","username":"admin@carbon.super"} > > But some of optional attributes are not included in introspection response > > sub > OPTIONAL. Subject of the token, as defined in JWT [RFC7519 > <https://tools.ietf.org/html/rfc7519>]. > Usually a machine-readable identifier of the resource owner who > authorized this token. > > aud > OPTIONAL. Service-specific string identifier or list of string > identifiers representing the intended audience for this token, as > defined in JWT [RFC7519 <https://tools.ietf.org/html/rfc7519>]. > > iss > OPTIONAL. String representing the issuer of this token, as > defined in JWT [RFC7519 <https://tools.ietf.org/html/rfc7519>]. > > Do we have any limitation to support above attributes ? > > > [1] https://tools.ietf.org/html/rfc7662 > > Thanks, > Gayan > -- > Gayan Gunawardana > Senior Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: ga...@wso2.com > Mobile: +94 (71) 8020933 >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev