Menu
▾
▴
Re: [Unity-idm-discuss] OIDC Problem
|
From: Krzysztof B. <kb...@un...> - 2017-08-21 07:04:38
|
Hi Sander, Sorry for late answer - forgot little bit about it. W dniu 02.08.2017 o 16:22, Sander Apweiler pisze: > Hi Krzysztof, > > I got a report about using OIDC client. Unity seems to reserve a > mandatory attribute if not all requested scopes are available. Please > see the message below. In that case we did not define the scope > profile. > > WaTTS is requesting the scope 'email profile openid' (double checked in > the browser log) > > b2access displays the user that only 'email openid' was requested, > which > is wrong. > > User is returned to WaTTS without any 'scope' attribute (also double > checked with browser log), which MUST be present if it is not as > requested: Yes, that should be the case. In the next release it will be fixed, i.e. Unity will always include effective scope with access token response (any OAuth flow) when those are different then requested. Thanks for the report Krzysztof |
