Layer7 OAuth Toolkit: preferred_username not set in JWT access token
Article ID: 196181
Updated On:
Products
CA API Gateway
API SECURITY
STARTER PACK-7
CA Microgateway
Issue/Introduction
When generating an access token as a JWT, the preferred_username claim is missing or blank,
Environment
Release : 9.4
Component : API GATEWAY
Cause
This occurs because the preferred_username claim is only set when a scope of openid is requested.
Resolution
To return the username you will need to ensure that the client is registered with and requests the scope of openid.
Optionally, the scope check can be removed or customized to another scope value defined in your organization.
Feedback
Yes
No
Powered by
