Adding Extra Fields to Access Token in WSO2 Identity Server
I am working with WSO2 Identity Server and I need to add additional fields to the access token returned from the /oauth2/token endpoint. The current structure of the access token is as follows:
{
"sub": "XXXXXX-XXXXX-XXXX-XXX-XXXXXXXXXX",
"aut": "APPLICATION_USER",
"aud": "QVwR39k12Fqu",
"nbf": 1234581515,
"azp": "WVwR39k12Fqu_YTGKJHNlk",
"scope": "default",
"iss": "https://localhost:9443/oauth2/token",
"exp": 153566545,
"iat": 55585552,
"jti": "89852_defsdfcsddf",
"client_id": "Ussswtttt"
}
I would like to add extra fields from user information to this token. Is there a configuration or extension point in WSO2 Identity Server that allows me to include additional information in the access token? If so, could you provide guidance on how to achieve this?
Additional Context: WSO2 Identity Server version: 6.0.0
You can get this done as follows:
Hope you have a local claim for the user attribute.
Add an OIDC claim mapping for your local claim
Go to the created oauth/oidc based service provider -> Claim Configurations-> add the local claim you want in the JWT as a
Requested ClaimsGo to
OIDC Scopessection of - >List. Selectopenidscope. Click Add Claims and give the OIDC claim you created in step 2
Now try the token retrieval with scope=openid. If the user has a value to the particular claim, you can get it in the JWT access token and ID token
- Deploying CApp to Service Catalog fails on malformed JSON error
- Error while launching run and debug: Build process failed - wso2 micro integrator with Visual Studio
- WSO2 Error while building Passthrough stream java.lang.StringIndexOutOfBoundsException
- Extracting binary as base64 String results in incomplete file?
- WSO2 Microintegrator: Error - Mediator from connector File not recognized
- WSO2 - Failure when building the Data Mapper
- WSO2 Micro Integrator: How to handle "application/json; odata.metadata=minimal" content-type from backend?
- WSO2 has not a bin directory
- WSO2 Large File Handling
- Is Endpoint Security Authentication in WSO2 APIM Done per API or per request?
- Can I use the dashboard the WSO2 DAS from other application java
- Adding HTTP security headers to WSO2 APIM (4.1.0) via deployment.toml config
- Compatibility Issue: WSO2 MI 4.1 with MongoDB Connector v2.0.0 and MongoDB 6.x Driver
- How to Access Fields in application/vnd.oracle.adf.resourceitem+json Response in WSO2 Integration Studio?
- WSO2 Multiple Gateway deployment production/sandbox endpoints
- Is there a way to run three instances of WSO2 AM in one localhost?
- CORS Configuration not working in WSO2 API Manager for Oauth2/token API
- WSO2 - Identity server 6.1.0 - Force user to change his password on first login
- OSGI Bundling issue while upgrading WSO2 APIM 3.2 to 4.3
- WSO2 API Manager 4.2 with AWS ALB : Problems with mTLS Authentication Setup
- WSO2 API Manager (wso2am-4.3.0) - Error When Invoking APIs After Disabling OpenAPI Validations
- WSO2 Kafka Consume messages from topic issue
- WSO2 API Manager (wso2am-4.3.0) - How to Disable OpenAPI Validation When Importing Swaggers?
- "keytool error: java.io.IOException: Invalid keystore format"
- wso2 api manager elk based analytics
- How to enable TLS 1.1 in wso2 APIM 4.2
- WSO2 API Manager (wso2am-2.1.0) - How to implement passwordless authentication using WSO2 APIM and Microsoft Authenticator App?
- WSO2 API Manager (wso2am-2.1.0) - BufferOverflowException
- How to - create api to test simple http backend
- Issue with WSO2 API-Manager 4.3.0: ERR_CONNECTION_RESET at localhost:9443