Jan Kasik created WFWIP-293:
-------------------------------
Summary: Current implementation of MP-JWT doesn't require claims which
should be required
Key: WFWIP-293
URL:
https://issues.redhat.com/browse/WFWIP-293
Project: WildFly WIP
Issue Type: Bug
Components: MP JWT
Reporter: Jan Kasik
Assignee: Darran Lofthouse
Chapter 4.1 of MP-JWT 1.1 recommends minimal set of JWT claims which should be required.
Current implementation doesn't check for following claims and returns 200/OK if they
are missing:
* {{upn}}
* {{jti}}
* {{groups}}
* {{iat}}
* {{sub}}
--
This message was sent by Atlassian Jira
(v7.13.8#713008)