iss - keycloak-user - Jboss List Archives

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

iss

Keycloak

SAML2 Identity provider Mappers

Fadi Abdin

Tuesday, 2 June 2015 Tue, 2 Jun '15

6:06 a.m.

Does anyone know how to control the "iss": value in the token ? Seems there is a problem , in the last version it was the realm name i.e "test" .. but now the full uri http:://server.8080/auth/realms/test and this is causing a problem for me

Attachments:

attachment.html (text/html — 313 bytes)

Reply

Show replies by date

Stian Thorgersen

Tuesday, 2 June Tue, 2 Jun

6:39 a.m.

----- Original Message -----

From: "Fadi Abdin" <fadiabdeen(a)gmail.com> To: "keycloak-user" <keycloak-user(a)lists.jboss.org> Sent: Tuesday, 2 June, 2015 1:06:22 PM Subject: [keycloak-user] iss Does anyone know how to control the "iss": value in the token ? Seems there is a problem , in the last version it was the realm name i.e "test" .. but now the full uri http:://server.8080/auth/realms/test and this is causing a problem for me

It should be full uri according to openid connect spec

_______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Reply

Giriraj Sharma

6:46 a.m.

The "iss" field is one of the Claim used within the ID Token for all OAuth 2.0 flows used by OpenID Connect: iss : REQUIRED. Issuer Identifier for the Issuer of the response. The iss value is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components. http://openid.net/specs/openid-connect-core-1_0.html#IDToken On Tue, Jun 2, 2015 at 5:09 PM, Stian Thorgersen <stian(a)redhat.com> wrote:

----- Original Message ----- > From: "Fadi Abdin" <fadiabdeen(a)gmail.com> > To: "keycloak-user" <keycloak-user(a)lists.jboss.org> > Sent: Tuesday, 2 June, 2015 1:06:22 PM > Subject: [keycloak-user] iss > > Does anyone know how to control the "iss": value in the token ? > > Seems there is a problem , in the last version it was the realm name i.e > "test" .. but now the full uri http:://server.8080/auth/realms/test and this > is causing a problem for me It should be full uri according to openid connect spec > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

-- Giriraj Sharma about.me/girirajsharma <http://about.me/girirajsharma?promo=email_sig> Giriraj Sharma, Department of Computer Science National Institute of Technology Hamirpur Himachal Pradesh, India 177005

Reply

3480

days inactive

3480

days old

keycloak-user@lists.jboss.org

Manage subscription

2 comments

3 participants

tags (0)

participants (3)

Fadi Abdin
Giriraj Sharma
Stian Thorgersen