Shibboleth IDP for OAuth2
Florian Ritterhoff
ritterhoff.florian at hm.edu
Tue Aug 9 18:41:54 UTC 2022
Yep. Thats prop the issue. How can I configure that a resource server is
used/identified :) ?
Florian Ritterhoff
Am 09.08.2022 um 20:40 schrieb Cantor, Scott via users:
>> Is there maybe any special setting that I could check?
> I suspect you're issuing a first-party (OP only) token here. If the audience set is empty, the OP is only issuing tokens to itself, which means a) they shouldn't need be JWTs and b) they definitely don't need any custom claims.
>
> If a resource server is identified and is an acceptable token audience, then the code behaves very differently and will include other claims, allow for encryption, etc.
>
> -- Scott
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4816 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://shibboleth.net/pipermail/users/attachments/20220809/ed951b1a/attachment.p7s>
More information about the users
mailing list