[Unity-idm-discuss] Possible Bug Report

[Laura H. <l....@fz...>]

Hi Krzysztof, Hi Roman,
we may have found a bug, but we are not quite sure. We have two oAuth clients, one of which has been changed to client_credentials (sys:oauth:allowedGrantFlows = client).
However, the iss field is now missing from the tokens. Is this the expected behaviour?
Here is the token that comes back with the normal client:
{
   ‘sub": “3cac4792-0611-4f82-85b3-e1a61c8afea4”,
   ‘aud": “rucio-punch-frontend”,
   ‘scope": “eduperson_entitlement profile openid”,
   ‘iss": “https://login.helmholtz.de/oauth2”,
   ‘exp": 1732637686,
   ‘iat": 1732633686,
   ‘jti": “4e42bf02-b4f7-4da3-a062-92eda5bcc7f9”,
   ‘client_id": ’rucio-punch-frontend’
}
And here is the token with client_credentials:
{
   ‘sub": “rucio-punch”,
   ‘exp": 1732637649,
   ‘iat": 1732633649,
   ‘jti": “c0cb7984-e6f4-485f-8e29-ba319a270cf2”,
   ‘client_id": “rucio-punch”,
   ‘scope": ’openid offline_access profile eduperson_entitlement’
}
Kind regards,
Laura

-- 
Juelich Supercomputing Centre
Institute for Advanced Simulation
Forschungszentrum Juelich GmbH
52425 Juelich, Germany
E-Mail: l....@fz...
Phone: +49 2461 61-6576
Fax: +49 2461 61-6656

-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Stefan Müller
Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens,
Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior
-----------------------------------------------------------------------
-----------------------------------------------------------------------