Adding custom attribute to Bearer token response

By: Eduard Kruger user 01 Jun 2022 at 7:59 a.m. CDT

2 Responses
Eduard Kruger gravatar
Good day, We are looking to implement GLUU and move away from the basic OpenID implementation we are using now (we want to use GLUU company-wide). In our current implementation we have it set up as follows: When we request a bearer token in a specific module in our API, we pass in a custom field in the token request body (a guid/uuid value in this case), that we then use for any further requests in our workflow, as a means of securing the guid/uuid in transit. I've found this article on how to add an attribute to the bearer token response: [Custom Attributes](https://support.gluu.org/identity-management/8738/custom-info-in-client_credentials-flow/) But how would I go about having the item in the original token request be included in the generated token. Currently we override the default behaviour in our local OpenID server to do this. Thank you,
Gluu 4.4 Ubuntu 22.0 Oxd 4.1 Ubuntu 22.0
closed

Answers

By Yuriy Zabrovarnyy staff 01 Jun 2022 at 9:12 a.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
There are two options to make custom field/data part of the access token itself: 1. use access token as JWT. In this case you can encode any data inside JWT (client's `accessTokenAsJwt=true` and `runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims=true`) 2. use `UpdateTokenType` and modify token code in both `TokenEntity` and `AccessToken` object. Note that in latest jans we support pure Java scripts (not only jython), see https://github.com/JanssenProject/jans/wiki/Interception-scripts--(or--Custom-scripts)#using-pure-java-scripts Introspection script sample: https://github.com/JanssenProject/jans/blob/4babe55a494c0edad899776f086d8c59368031f2/jans-linux-setup/jans_setup/static/extension/introspection/introspection.py#L11 UpdateTokenType sample: https://github.com/JanssenProject/jans/blob/4babe55a494c0edad899776f086d8c59368031f2/jans-linux-setup/jans_setup/static/extension/update_token/sample_script.py#L10 Hope it helps. Thanks, Yuriy Z

By Eduard Kruger user 02 Jun 2022 at 8:34 a.m. CDT

Copy
Eduard Kruger gravatar
Hi Yuriy, Thank you, this put me on the right path. The introspection part worked perfectly for our needs. Many thanks for the quick response. Kind regards,

Post an answer