Data Elements in the Response To the Access Token (OPENID)

Article Id: 102778

Status: Published

Updated On: 20-06-2018 05:45

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

Question --> Is it possible to to pass data elements in the response to the Access Token request as such ?
{
"access_token": "i8hweunweunweofiwweoijewiwe",
"token_type": "bearer",
"expires_in": 3600,
"scope": "patient/Observation.read patient/Patient.read",
"state": "98wrghuwuogerg97",
"intent": "client-ui-name",
"patient": "123",
"encounter": "456"
}

Environment:

Release:
Component: SMAPC

Resolution:

As of CA SSO 12.8 release, the customization of claims in ID Token is not possible.
SSO 12.8 has implicit flow support which generate id token as part of Authorization code flow. You can always choose user info as part of id token, you will be able to get the user info in id token as part of implicit flow.