[keycloak-dev] ID Token claims in Access Token and Refresh Token

Stian Thorgersen stian at redhat.com
Wed Dec 3 02:55:24 EST 2014

Previous message: [keycloak-dev] Login with Access Token
Next message: [keycloak-dev] ID Token claims in Access Token and Refresh Token
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

As AccessToken and RefreshToken extends IDToken they contain the ID Token claims. If I've read the spec correctly those claims should only be in the ID Token. There should also be a separate UserInfo endpoint which we're missing.

Is there a reason why AccessToken extends IDToken, or can we remove that?

Previous message: [keycloak-dev] Login with Access Token
Next message: [keycloak-dev] ID Token claims in Access Token and Refresh Token
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the keycloak-dev mailing list