  1. OpenAM
  2. OPENAM-13195

OIDC - AM specific claims are not configurable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 13.0.0, 14.0.0, 14.5.1, 6.0.0
    • Fix Version/s: None
    • Component/s: OpenID Connect
    • Labels:
    • Support Ticket IDs:

      Description

       

      We are currently returning a few AM specific claims in the decoded ID token payload, to mention a few:

      • tokenName
      • tokenType
      • realm
      • auditTrackingID
      • auth_time
      • azp (this is not AM-specific but Optional based on the spec)

      They are not related to any kind of scope, hence there is no way to edit/remove any of them at the moment. You have the option to add new ones though.

      In case the above claims are not necessary, we would want to give the option for these claims to be removed from the ID token.

      This RFE is specific to OpenID Connect; there are similar RFEs for (stateless) OAuth2 tokens:

      https://bugster.forgerock.org/jira/browse/OPENAM-11445
      https://bugster.forgerock.org/jira/browse/OPENAM-8440
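
      To see which of the claims listed above a given deployment actually puts in its ID tokens, a relying party can decode the payload and sort the claim names. The following is an added example, not code from this issue or from the OpenAM project; the sample token, issuer URL, client name and all claim values are constructed, and the function names are hypothetical.

```python
import base64
import json

# Claim names listed in the issue description, lower-cased; matching is
# case-insensitive (assumption: a deployment may spell them differently).
ISSUE_CLAIMS = {"tokenname", "tokentype", "realm", "audittrackingid", "auth_time", "azp"}
# ID Token claims that OpenID Connect Core 1.0 always requires.
OIDC_REQUIRED = {"iss", "sub", "aud", "exp", "iat"}

def b64url_decode(segment):
    # JWTs strip base64url padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(obj):
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_payload(id_token):
    """Return the payload of a compact JWS. No signature check: inspection only."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = json.loads(b64url_decode(parts[1]))
    if not isinstance(payload, dict):
        raise ValueError("payload is not a JSON object")
    return payload

def audit_claims(id_token):
    """Split the token's claim names into required, listed-in-issue, and other."""
    names = set(decode_payload(id_token))
    listed = {n for n in names if n.lower() in ISSUE_CLAIMS}
    return {
        "missing_required": sorted(OIDC_REQUIRED - names),
        "listed_in_issue": sorted(listed),
        "other": sorted(names - OIDC_REQUIRED - listed),
    }

# Constructed sample: every value below is made up for the example.
SAMPLE_PAYLOAD = {
    "iss": "https://am.example.com/oauth2", "sub": "demo", "aud": "exampleClient",
    "exp": 1700003600, "iat": 1700000000, "auth_time": 1700000000,
    "azp": "exampleClient", "nonce": "constructed-nonce", "realm": "/",
    "tokenName": "id_token", "tokenType": "JWTToken",
    "auditTrackingID": "constructed-0001",
}
SAMPLE_TOKEN = ".".join([b64url_encode({"alg": "RS256", "typ": "JWT"}),
                         b64url_encode(SAMPLE_PAYLOAD), "c2lnbmF0dXJl"])

if __name__ == "__main__":
    print(json.dumps(audit_claims(SAMPLE_TOKEN), indent=2))
```

      The decode step skips signature validation on purpose, so it is suitable for auditing token contents only, never for accepting a token.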

            People

            • Assignee:
              Unassigned
              Reporter:
              anastasios.kampas Tasos Kampas