By: kesavan dhilip user 11 May 2018 at 10:03 a.m. CDT

3 Responses
kesavan dhilip gravatar
Hi, I have enabled the 2 Factor authentication and got Access token. But I am getting acr value as null in the introspection API. { "active": true, "scopes": [ "openid", "profile", "uma_protection", "email" ], "client_id": "xxxxxxxxxxxxxxxxx", "username": "xxxxxxxxxx", "token_type": "bearer", "exp": 1526050430682, "iat": 1526046830682, "sub": null, "aud": "xxxxxxxxxxxxxx", "iss": "xxxxxxxxxxxxxx", "jti": null, **"acr_values": null** } Is there any other way I can get the acr_values??

By Aliaksandr Samuseu staff 11 May 2018 at 10:05 a.m. CDT

Aliaksandr Samuseu gravatar
Hi, Kesavan. We'll investigate and get back to you.

By Michael Schwartz Account Admin 11 May 2018 at 10:35 a.m. CDT

Michael Schwartz gravatar
Of course the `acr_values` claim would be present in the id_token, which could be sent to your API by the client. But that looks like a bug if the `openid` claim is present, and you say you specified `acr_values` in the request.

By Aliaksandr Samuseu staff 11 May 2018 at 3:49 p.m. CDT

Aliaksandr Samuseu gravatar
I've created [report](https://github.com/GluuFederation/oxAuth/issues/803) for this issue. Thank you for letting us know, Kesavan, good find. I'm closing the ticket, you can track its status on Github from now on.