Support JSON object values in individual claim request on Authorization request
In some scenarios we would like to send complex objects as expected values for individual claim requests (https://openid.net/specs/openid-connect-core-1_0.html#IndividualClaimsRequests). For example :
{
“id_token”: {
“transaction”:{
“essential”:false,
“values”:[
{
“display_data”:{
...
},
“additional_data”:{
...
}
}
]
}
}
}
OR
{
“id_token”: {
“transaction”:{
“essential”:false,
“value”: {
“display_data”:{
...
},
“additional_data”:{
...
}
}
}
}
}
Today, ClaimSetRequest.Entry expects the value to be a string (or array of strings).
Comments (9)
-
-
- changed status to open
-
Hi,
Looking at the example JSON, the value is a JSON array at the top-level. Is that intentional?
-
Account Deactivated Hey Yavor,
per OIDC specification, as JSON array is a valid json it should work, but a plain JSON object should work as well.
this should also work under thevalues
key, with an array of JSONs -
reporter - edited description
Updated description to reflect both options (value and values)
-
Thanks for getting back. We needed to collect this info to scope the necessary API changes and the work effort. Values beyond the basic strings haven’t occurred yet.
I’ll let you know if more questions come up.
-
Commit 4aaf897c:
Adds ClaimsSetRequest support for values of type Number, JSONObject and untyped. Deprecates ClaimsSetRequest.Entry.getValue (iss #333)
-
Commit 0a7a9e46:
Adds ClaimsSetRequest support for value lists of type JSONObject and untyped. Deprecates ClaimsSetRequest.Entry.getValues in favour of a new getValuesAsStringList (iss #333)
-
- changed status to resolved
Releasing as version 8.32 (2021-01-09).
Happy coding!
- Log in to comment