IIQ Access Token Format

Can anyone tell me how to get the info out of the IIQ Access Token?

The token I get back isn’t a JWT but looks like a B64 encoded string. When I decode it I get another string that is kind of a JWT, but not really and I can’t seem to parse it or get any further.

Are you referring to the OAuth token used to authenticate to the IIQ APIs?

Yes, the Bearer token returned from the …/identityiq/oauth2/token?grant_type=client_credentials

It should follow all the specs defined for a Client Credentials OAuth 2.0 Authorization flow as documented by IETF RFC 6749, with a resulting time-limited Bearer token as defined in IETF RFC 6750.

The tokens themselves are basically just randomly-generated strings that don’t mean anything inherently client-side - they’re used by the authorization server itself internally for request validation. While it’s certainly in-spec to use a JWT for issuing a Bearer token (or authorization token in general - which I believe is what the OIDC spec attempts to standardize on), it’s not defined or required by the core OAuth 2.0 spec.
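The handling described in the answer above, as an added example that is not part of the original thread and is not SailPoint code: the client takes the token type and lifetime from the token response fields defined in RFC 6749 section 5.1 and only checks whether the token happens to be a self-describing JWT. The function names are hypothetical, the sample token and response are constructed, and it is an assumption that the endpoint's response body follows section 5.1.

```python
import base64
import json
import time

# Constructed sample data: an opaque token and an RFC 6749 section 5.1 response body.
SAMPLE_TOKEN = base64.b64encode(b"constructed-opaque-value").decode()
SAMPLE_RESPONSE = json.dumps(
    {"access_token": SAMPLE_TOKEN, "token_type": "bearer", "expires_in": 1200}
)


def looks_like_jwt(token):
    """True only for a JWS compact serialization: three dot-separated segments
    whose header and payload decode to JSON objects and whose header has 'alg'."""
    parts = token.split(".")
    if len(parts) != 3:
        return False
    objs = []
    for seg in parts[:2]:
        try:
            raw = base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))
            obj = json.loads(raw)
        except ValueError:  # covers binascii.Error, JSON and Unicode decode errors
            return False
        if not isinstance(obj, dict):
            return False
        objs.append(obj)
    return "alg" in objs[0]


def bearer_from_token_response(body, now=None):
    """Hypothetical helper: read lifetime and type from the response fields,
    never from the token, and pass the token back to the server unchanged."""
    resp = json.loads(body)
    if str(resp.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    token = resp["access_token"]
    now = time.time() if now is None else now
    expires_in = resp.get("expires_in")
    return {
        "authorization_header": "Bearer " + token,
        "expires_at": None if expires_in is None else now + int(expires_in),
        "self_describing": looks_like_jwt(token),
    }


if __name__ == "__main__":
    print(bearer_from_token_response(SAMPLE_RESPONSE))
```

A token that base64-decodes to something is still opaque unless it passes the structural check, so client code should not depend on its contents.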
