Adding a claim containing a JSON in the Groovy OIDC Claims script

Tagged: , ,

This topic has 0 replies, 1 voice, and was last updated 3 years, 6 months ago by Henri.C.Lefevre.

  • Author
    Posts
  • #24990
     Henri.C.Lefevre
    Participant

    Hello,

    I am trying to enrich my OIDC Claims Script in OpenAM 13.5 to add the act claim.
    This claim is itself a table of claims (subclaims).

    I have found an example of a script implementing the may_act claim but in this example the scope/claims logic present in the default script has been removed :

    https://forum.forgerock.com/2018/04/token-exchange-and-delegation/
    https://github.com/javedmshah/token-exchange-microservice/blob/master/OIDCClaimsSetActor.groovy

    I tried two different things which sadly are failing :
    – I tried to put a Groovy list as claim value but this fails during the scopes/claim logic
    – I tried to add the claim just before the return, this almost works : /userinfo endpoint returns the claim in the right format but JWT returned are not correctly formatted and cannot be read (Invalid Signature).

    I did not went into much details but I am mainly looking for a solution to handle claims containing subclaims starting from the defaut Groovy OIDC claims script.

    Thank you in advance for the help,

    Henri

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?