[OPENAM-14770] OAuth2 token tracking IDs not logged when calling /introspect endpoint Created: 12/Apr/19 Updated: 24/Apr/19
|Component/s:||audit logging, oauth2|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
Calls to the OAuth2 /introspect endpoint generate an access audit event but the audit tracking ID of the access token or refresh token presented is not included in this audit event.
Due to this, we cannot correlate the audit event for the call to the /introspect with other audit events relating to the presented token.
|Comment by Craig McDonnell [ 17/Apr/19 ]|
No. Ivaylo Bahtchevanov [X] is keen to make use of these tracking IDs for the data science work but this issue won't block the SaaS beta. That said, I think it should be easy to resolve