@IS team: Do we support these in our current implementation? Thanks, Bhathiya
On Sat, May 13, 2017 at 11:34 AM, Bhathiya Jayasekara <[email protected]> wrote: > Hi Tharindu, > > In OIDC there are other standard scopes[1] in addition to 'openid'. These > scopes are there to request specific user claims. I think we can use them > here. So when generating tokens, these scopes should be used as per the > requirement. > > [1] http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims > > Thanks, > Bhathiya > > On Sat, May 13, 2017 at 12:18 AM, Tharindu Dharmarathna < > [email protected]> wrote: > >> Hi All, >> >> We had a use case on APIM to send the user claims in the JWT Header to >> the backend server. >> >> Currently APIM C4 architecture was Getting the user claims and generate >> JWT from Key manager node. >> >> As in C5 architecture, we have to get the user claims from the IS or the >> third party key manager. >> >> I had observed below two ways of getting user claims into the Gateway >> from IS. >> >> 1. Generate token with OpenID scope. >> 2. Call userinfo endpoint with above generated token >> 3. Call OAuth2TokenValidation Service and get the token. >> >> When considering [2] in order to receive user info we have to set the >> requested claims in service provider according to the App. >> >> And from Current C4 architecture, we don't mandate to send openid token >> as a scope. >> >> Is there any other alternative ways to achieve above task. >> >> Thanks >> >> *Tharindu Dharmarathna*Senior Software Engineer >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94779109091 <077%20910%209091>* >> > > > > -- > *Bhathiya Jayasekara* > *Associate Technical Lead,* > *WSO2 inc., http://wso2.com <http://wso2.com>* > > *Phone: +94715478185 <071%20547%208185>* > *LinkedIn: http://www.linkedin.com/in/bhathiyaj > <http://www.linkedin.com/in/bhathiyaj>* > *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* > *Blog: http://movingaheadblog.blogspot.com > <http://movingaheadblog.blogspot.com/>* > -- *Bhathiya Jayasekara* *Associate Technical Lead,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
