OpenAM - Use OAuth2 Access Token to get User Details?

点点圈 提交于 2020-01-14 03:16:06

问题


Is it possible to get user details (attributes belonging to the resource owner) from ForgeRock's OpenAM using an OAuth 2 access token?

I have a trusted SPA UI that is able to get an access token from OpenAM using the Resource Owner Password Credentials Grant type. However, that access token gives me no information about the resource owner. The token_info endpoint similarly gives me no information.

OpenAM seems to have endpoints for listing user attributes, but expects a JWT as means of authentication for the request.

How can I get user attributes from an access token?


回答1:


There is a userinfo endpoint that will return user attributes. In OpenAM 13.0, the data returned by the endpoint is scriptable. In prior versions it is mapped to scopes.

The sample client application is helpful to understand how this works:

https://github.com/ForgeRock/openid



来源:https://stackoverflow.com/questions/35060659/openam-use-oauth2-access-token-to-get-user-details

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!