How to call /oauth2/userinfo , /oauth2/connect/checkSession , endSession

This topic has 4 replies, 4 voices, and was last updated 4 years, 7 months ago by sahoob.

  • Author
    Posts
  • #20727
     sahoob
    Participant

    HI,

    Can anyone help how to call these rest apis, on openam document only the endpoint mention. But there is nothing specified how to use them and what are the parameter it accept.

    /oauth2/userinfo
    /oauth2/connect/checkSession , endSession

    I got the Id_token and able to validate using idtokeninfo, but unable to find the option to get the userinfo from Id_token. Is there anyway we can able to find the access_token and refresh_token from Id_token

    if anyone point to any document or example it will be very helpful.

    Regards,
    Biswajit Sahoo

    #20881
     Scott Heger
    Participant

    OpenAM adheres to the specifications for OAuth/OpenID Connect and therefore you would need to consult the specification documentation of those to get the details on calling those endpoints.

    #20887
     ashok9k
    Participant

    Thanks for your reply. I’m working on the below use case where we are stuck.

    Use Case follows below
    Scenario : User authentication –> Select profile –> Include the selected profile in OIDC Token –> Present to Target System
    We have constructed the user authentication module in OpenAM, however we hanven’t connected to any backend system for profile reference.
    From the documentation I understand that for OIDC token, claims can be referenced to datastore defined in the OpenAM but in this case, we have to connect to legacy system to get the profile and include in OIDC token. Do you have any suggestions or solution for this?

    Thanks
    Ashok

    #20889
     grk
    Participant

    Try below for userinfor. You need to pass access_token as Authorization header to get userInfo.
    curl -X POST -H “Authorization: Bearer a126bbee-cc13-4c3e-a5fc-2eed641865bc” -d ” -k -v https://openam.example.com:8443/openam/oauth2/userinfo

    checkSession:
    checkSession was removed from latest versions. See below for workaround.
    https://bugster.forgerock.org/jira/browse/OPENAM-7094
    https://bugster.forgerock.org/jira/browse/OPENAM-11099

    curl -X GET https://openam.example.com:8443/openam/oauth2/connect/checkSession?id_token=id token

    endSessionL
    GET /openam/oauth2/connect/endSession?id_token_hint=id_token

    #21142
     sahoob
    Participant

    Thanks for the details

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?