Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-07-15 13:51:29 INFO
TEST-RUNNER
Test instance PS1YjmPbLX created
baseUrl
https://www.certification.openid.net/test/a/0015800000jeox1AAA
variant
{
  "client_auth_type": "mtls",
  "fapi_profile": "openbanking_uk",
  "fapi_response_mode": "plain_response"
}
alias
0015800000jeox1AAA
description
planId
Swmue5OvTo85q
config
{
  "server": {
    "discoveryUrl": "https://api.ob.business.hsbc.co.uk/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "a7c8a199-a747-484f-aab3-fc383e7e0c10",
    "scope": "openid accounts",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "alg": "PS256",
          "kid": "AJ5cA_0bYqlluK0ApjptWjUgkJs",
          "n": "s_ghKALWz1Q6pzU-FcWHJ4Wg_WHPbN2XbMLkyGIc8aCFnkF6YcSDaIgoCfO6DLn2DsQAxDnbX6wGfnLg-jBQ9yPTnXRhv9BFB7r-wipt8haz4Q7BrVGl_K3EiGbRwFrCsE9xLGR_uZhZ1Wgai_kR2AG6IPBqfoa_xBkNRubEtVIdMNNVfpgrjh28IqcIW3n-TvVyLWmenKNN6mkRsWJXAW4OFjue8s0eh0Qr_bIfXafkJTb-moTKyh2W7owph55egU_1-S0Qug9af_upTJKdT4AHvFzd4leLhv0t07G9kJdM65CpWc10hBvHLwALsrEopyFDEjFaWxvbPmvF8OOpCw",
          "e": "AQAB",
          "d": "GqMLJUTmTmGFHOKAgfBuhKb-oQItFUvm8a4W9qGu7wR3Qmkml_niCUK9yltMmj2b8auJAYIeuhZYD7cpHV6xXSLsW02yehV1YiOHOW3WQBKkJRduCx0emDuP7zBoszO7xSS893kYfnvSMAfshfMjdPksd1ueJ4QCNiAPGwNk8gEplKtV28yFW_w10MKTqahBhmKPlgryEXo-iXWYmk_3j6Q3xrX0tcdUEh4JoU1fZTWq-31JAOsigVgZC3_k7dwHQJKGB4ik-eSzN_9lksJWO5jQPhbgwmFAHtsSC88E8poFR85Ialbu8FbTvL7mBb5tmaCIh1b6PlyS45IRIfQ8AQ",
          "p": "6ZbDeMrzFFFAWEuROs1w61RpP_8Zd8r9IuFBM2LVAjWud_07d6tRPDAqEQnE-YYZEXq8VN9g5RCEB2aCs6CQxVB1iqo4Nspa_DgEtKmDRswfZ4qjQATeF3JzIZFXHR6ZQAzhzh1R65RlFh_IBmE2gFXV8efdqknoI8uEpyzJbYE",
          "q": "xTxmXD_hcc0HJaK2rQi02m4_L4abGe24v12AEWdYZIkkNQEYxA2h1uaeEhpGBE8jI7X6mONAhW9sUJ_Dxmdlt68QgaJjrudSDlk1aOo25j6SqzPBCWebzWMaOobxx1tSnNCndfsnXUA29BsUDhA6EVrzN58Y2FvDd0KiKpbHNIs",
          "dp": "075m00ilsPU2btORgsxYX_rUrb6BR6YqcUPf5sTgcnBXB032ajRSH01J1MgWVlrIvp-TuRwEqaCfDlZOhKY4laSp6FkFPCWS9K-TFHHVHohKr4FtGstOx9JnqzYk0bC7GuSSjFTnvbV3LOcCW0YkMZGdrvuQZJ06YbhLN3_R2AE",
          "dq": "dBSvPb3PBnYfrbPNBZupLSFTiLoVELaLU_1IgXWsXUclixiBJenMBTmncIoMCT82NC9HNLIS6DWCrxTIWT3DbM7YzSLwviCgd5djSsMF2o6bLa2A__L9jGy2JBoFtEn4HhjjZhmRul0vuo0xSXGda1d265Z0PeoL6WXLIXup9C8",
          "qi": "J-cinRm-Eh_IddQhVeEAInmjqpFLPpJlAdAkrLdzktGq6l-TPeQh5G53VY-dl-hnfDfHWPoh7LLphEBFBSrVC9TGsFtpvycKCBdDcTQgGZLXwVid_WO_DdMwvEhCuoEDtyC_2BWkliF1OHTZUIxw2gNYjkzDegZTVH-AQLXKdeI"
        }
      ]
    }
  },
  "mtls": {
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3os\nY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiM\nfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQV\nJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2Z\nGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbd\nRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+R\npZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cI\nFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5\ncpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJH\nMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V\n6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98\nDYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUd\nVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3q\nxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsB\nDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su\n/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRIN\nJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ie\nZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8EC\nfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vS\niNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk\n+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lew\nYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9\niQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPF\nZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLg\nfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWN\nHozKBohROHw/n1Ugz8ejLQ\u003d\u003d\n-----END PRIVATE KEY-----",
    "cert": "-----BEGIN CERTIFICATE-----\nMIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJH\nQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElz\nc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYD\nVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNE\nR0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0Hp\nDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0\nXzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+\ncQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeB\nh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW\n9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQAB\no4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACO\nRgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkG\nBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29u\nZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1\nBggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9s\naWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xl\nbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lh\ndGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Np\nb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFu\na2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1\nbWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRw\nOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRy\ndXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSg\nMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2Eu\nY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSV\nMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbG\nzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4b\ncGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W\n5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTv\nqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQ\ngsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE\n2KYV75CW3A\u003d\u003d\n-----END CERTIFICATE-----"
  },
  "resource": {
    "resourceUrl": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/",
    "institution_id": "00158000016i44JAAQ"
  },
  "alias": "0015800000jeox1AAA",
  "client2": {
    "client_id": "0bb806ff-407b-4c22-b1c7-95340f841482",
    "scope": "openid accounts",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "alg": "PS256",
          "kid": "Vkh-Ct02Zjn_tq7tRLCY-yXBFJs",
          "n": "ypGvsPLXBWFKso71qpEGiP67A8wrHqulH3xbB1yo0FBdP0KfFIUTj4kiANEntXo00J88WjwPKLQ6GwhmsxCaVBSTMfV1ZTRMX-wGbYVPFMbW5As6sbGWGQpQ0jslPgPew0TJRuzYA8rFK3njkHH4B-E4QYnShDyXCuwH0Ifi7KsFA4imykpPcBKUalORRFmB60DWHbmEMf5ooJdqh4mtibg4YcS3QSzoItJVzU2yzVsyQqvlbrIK9-bjepFnNOpJ5z1rxzxIPDRt5fzzIbiRKib1lCH3aBbE9F72JvSZEEWxohm4Pd6-h4mPtKTw2Bz6bPjkk66k9N0WMkZFqe09_w",
          "e": "AQAB",
          "d": "XjrC9ZchOtl1O_aQhNWNqrCEIlIZRN0npKveVGBgDvczSTgedBcrcDukW6jvxdWhN-K62mbRzmd4GBciXu28PJyNlFHQWFGprX1HyC6ZCNsuH0qx9PLdFazcx87Hlj-Kol8fGiUWnzz11zGOECVT8aZs2t_X07ezs1r0j6aGgvx-MKTii4ZvezF01ivGhdWeC2luP53FHGNtwb-52HpAChQ0Jlj2AsQFJgh_1EErh9fZMojh03Z0PiizRlj_N4oMg0SULCA2OrnPoJO7d49BSeLqOg6GQCfCcB_rer-gWtNyd9qunALksLU9VQID1ezPJmPPMmroCJ1HBTLe79UfkQ",
          "p": "-st95wdpFTIiqnCyeLgrmzlzB6SPZ01FJFJLPWW5AGte3oZ32RjKMzTScjQpZ6gffrPfrEHpwyQaAUe7O943-LVlB-elpVc8K1fGCF0zSCO9OoXqxtY-0mQFMAYeBLLzi4iY9MI-_5gzTziLvSMpMJ4fVVvaK82NttBoQRPv2Ss",
          "q": "zsX2zcxPZD-TPbueVfOu5sUWqhIUQcozVCZqLMLKX7nunpNTe1uCEB-26u5drrZLF-KvossRrOirB8r5_u3jPUg03alwfighicLnj-6ARfnD1S4Eq0PqoonhusCyWCbxELE_0KTgLklSrJ-BxluVNXwg321afYYwQVl8199unH0",
          "dp": "OUCVGFWPvp_4W_JoO7jHc6MUyGzfs9Rm8Vi8BmMfbaIVQTVvTKclGbV4SUvxG9G8ht8nM5rEc6DdMueeLZeYLXWzf695GBqnCLn74lLsbw6Bl0eVBhlItBzTNlhfJ_F2OadQS6fAW_bx16bv95h8QbYHLyRN1OwS6uX-tsSHX4s",
          "dq": "rWO77h8hhAL7yYyG3bSWOdWTh9HZQsH4ANyltBsz8MnNmxQXsR2vFy5BCQgRbuxWVBU3CuAWVlRU9xfyQx_gqgberfHj7yZf2VGjNELfNc6XtS_9olA1dU8CBsSHyPv-seywgpl_k9DQjwjCnj82A7-vISxl8VSRKnuMAMnPy1E",
          "qi": "C7qyQO3RFiic8eADHunBZHHRiqcH4FWAmBFzBg_87PZIS66Jfyj6hktK9lQUlXNpBMO4zAq-2nm2ihKBUYeMiOeOKq9mqLAAUCJgmrrsgl0aa26-jFFf81JQZpYWXqpLoV5oHxkbz2DzA2EtLHcVL998ICK6q_1d4Tbr_YLaVfM"
        }
      ]
    }
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIGHjCCBQagAwIBAgIEWf+vhDANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJH\nQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElz\nc3VpbmcgQ0EwHhcNMjAwNjE5MDc1MDQxWhcNMjIwNjE5MDgyMDQxWjBdMQswCQYD\nVQQGEwJHQjEWMBQGA1UEChMNSFNCQyBCYW5rIHBsYzEZMBcGA1UEYRMQUFNER0It\nRkNBLTExNDIxNjEbMBkGA1UEAxMSMDAxNTgwMDAwMGplb3gxQUFBMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45S4jkoqOUkDvmx0fQcmAj0ccly2605u\n886xNABzTl1nMwP9Pg/FiPV8e8OzQZ9xIgmgB+iVau/BDQsLKvjFVu3qOLSGbKLF\nw0M+BxS/0aoTDbVEUntWlhlwvRRNHdStf5aq/OScVgpnGHwctCxwlAbPFIIFfEpB\nxPsyXJDIosubJCaC/P/RlXJlZBlum8y59sppfJtrsRx4Im6kndCzYzfjdogOwWOU\nGbxSIKNFIRml/jozorngd3KfKQfAyDOwUlbEvwq6fTqdASzFeOAuPEcgUptoBZrK\nYHrQe9UMMEtOoi3+r8j5zcAGqWHQqm0ezExbFKgW//Hr9lBgK1BaHwIDAQABo4IC\n/TCCAvkwDgYDVR0PAQH/BAQDAgeAMHoGCCsGAQUFBwEDBG4wbDATBgYEAI5GAQYw\nCQYHBACORgEGAzBVBgYEAIGYJwIwSzAkMCIGBwQAgZgnAQIMBlBTUF9QSQYHBACB\nmCcBAwwGUFNQX0FJDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZD\nQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJ\nMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29i\nLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHp\nDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4g\nQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2\naWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVz\nIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmlj\nYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYB\nBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2Nz\ncDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24v\naXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rp\ncy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042\np6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBQoIn6Ety8TZj9GRDa5DN86OlSsODAN\nBgkqhkiG9w0BAQsFAAOCAQEAiSq13ZVHuzXghDE7hyNumLrQRdL2a5ZeSI791Hyu\nsBAdoISktL1pShtEa0PM1keEknkE0cfO/qKDMjayNCQk/YeqZ58SgH4zbWn0p01r\nW9T9tdbr2dtqAx8encOUT8nBHodpKIH1BeB/DmE/TKd5NlHsDfOXE4CakKGvJb3q\nzz4/XdDBCCaD8odSQcbcK9Ss8OHMKjHm5DOLgQO7JOSDZLDd1MWdi5VmatsUPdaE\nY/bc+jhPCVGCfxg6A08Ukee8dFLCPGOp/Db/VPU9knBTwBCRZKnurpfaODuOZSrD\nzMSQiX1h5MrJWGc21Fhm1lH46T9V95h9QzKIEmRGKVajRw\u003d\u003d\n-----END CERTIFICATE-----",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDjlLiOSio5SQO+\nbHR9ByYCPRxyXLbrTm7zzrE0AHNOXWczA/0+D8WI9Xx7w7NBn3EiCaAH6JVq78EN\nCwsq+MVW7eo4tIZsosXDQz4HFL/RqhMNtURSe1aWGXC9FE0d1K1/lqr85JxWCmcY\nfBy0LHCUBs8UggV8SkHE+zJckMiiy5skJoL8/9GVcmVkGW6bzLn2yml8m2uxHHgi\nbqSd0LNjN+N2iA7BY5QZvFIgo0UhGaX+OjOiueB3cp8pB8DIM7BSVsS/Crp9Op0B\nLMV44C48RyBSm2gFmspgetB71QwwS06iLf6vyPnNwAapYdCqbR7MTFsUqBb/8ev2\nUGArUFofAgMBAAECggEAVBEu75jj6g9Xq7MCgODwIGmUpYYsJ9XsVHGosc3syijk\no0q49ID89i/AkTNkdzw/nVQy4lj/QOZZyMioknIc65StLc85zM2AAjZHpnP6u6d4\nrFqmZ1WaUY4KQD5MklVq1bPBa/PC8GGdXcUTEVdNKtEtE6VIA3amvu4P13PAOaoM\nKecxmKVCu8sEAwf5FCw1rP7lQDVwz+PsOGiGCY/SnWOMJAMwPp4UverTzoVvNmrD\n7n3XMl5E0IIatAeij5Dr5ZCA1wmzOGO3fQPuIZsD1bETqITguG3hN5QaOWqsvBPz\nwcia2ANBH/ByJI4yUVIhYrSS033OvcOZyOMC2q02aQKBgQD6+NbrKj4HfNBhDZmb\ndLCVfHRfx8PUVK8vx2Fx7gXSRs+c2scvviFYZnFiH86hog+UIWopFa/5bdumScRD\nxjuip7bQLEyVlT8YeEBtGDSeSfISqB1FR+eWcWm/SyjKUrwrI2nWZdqACudI+7vi\nkgFAKTmee7v30J+DrkhcqzkEdQKBgQDoI+peLtTUixhDksj/70B/3y4IG8n4kdTR\nMqNiUE42uHRmNbyo5OKVE6RsKpDhKzRNC7ac1mO9//e85vrABvno3KC2Y5MMzka/\nHvC7bI3wMF/N1N6197dk5l7436l+55DlUcc08KY6iJ3yBcCBXLJaM+R6Vhr/GHS/\nbpE2BLeBwwKBgERk9Az6YhUgSploX2giEM1sMTq48gE3Ytaee0vVFfkMGyAf7xBv\nvB6fLF8VU/Zwd9ZilM/FfUN4UNesWrQtnariEcwBho1tMti0TLpuUkig1juHXRK4\nWcCB/9OF5APfMDCBYiJvd3BViFo3YCiKqZSWp4EtLziFvjLgmA/JCazRAoGAdO+q\nnrjugwZyOY/Wan4luoQ9Ft6QtgMX9i2Q+fREAfKWx+nn2Bg8PyY+3DHw+0wdM3Zk\nDcs9QTeQnvqnc1XQS8nftyCfsYKzRpEaaP883LIxgGjrqzRWkKAvVSStp/yUE8BH\nHdbflXq+PW1CVKfSO/gJ7sozHS8/mDLlORXVLqsCgYAVQu4z+4I7clJasneCjcnL\n62cO1vbdSUK1M4M22P9QnpfIERa+frcV40X1/Sl3J7RgmNWdKEwX1hc9B94oBL/O\nrZxwv9mnuXvlAatJooGfoW+RUjsfx4+BepYIxXuOIzvXxcN8+XP8Dr+45gkfG8T8\nv2uVzxSfNAh+BqtZgR6g8Q\u003d\u003d\n-----END PRIVATE KEY-----"
  }
}
testName
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
2020-07-15 13:51:29 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
2020-07-15 13:51:29
GetDynamicServerConfiguration
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-07-15 13:51:29 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:51:29 GMT",
  "content-type": "application/json",
  "content-length": "1277",
  "connection": "keep-alive",
  "last-modified": "Thu, 17 Oct 2019 11:35:13 GMT",
  "x-amz-server-side-encryption": "AES256",
  "x-amz-version-id": "ZCiXX5kMz2ACaJV0IenjMhDAXipkHDl2",
  "accept-ranges": "bytes",
  "etag": "\"bb1ca9ba397570781516520d1b47d19e\"",
  "x-cache": "Hit from cloudfront",
  "via": "1.1 476ccb26a8fdc626a87cc406cd1197bf.cloudfront.net (CloudFront)",
  "x-amz-cf-pop": "DUB2-C1",
  "x-amz-cf-id": "R9Roe60qLXlBH4axiZlyyeDy5P0havPItbwE_5VknlqpYaFkgbDwmg\u003d\u003d",
  "age": "51217",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{
  "version": 1.0,
  "issuer": "https://api.ob.business.hsbc.co.uk",
  "authorization_endpoint": "https://ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/authorize",
  "registration_endpoint": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.2/oauth2/register",
  "token_endpoint": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token",
  "jwks_uri": "https://ob.business.hsbc.co.uk/jwks/public.jwks",
  "scopes_supported": ["accounts", "payments", "openid", "fundsconfirmations"],
  "claims_supported": ["sub","iss","auth_time","acr","openbanking_intent_id"],
  "response_types_supported": ["code id_token", "code"],
  "grant_types_supported": ["authorization_code", "client_credentials", "refresh_token"],
  "subject_types_supported": ["pairwise"],
  "id_token_signing_alg_values_supported": ["PS256"],
  "request_object_signing_alg_values_supported": ["PS256"],
  "token_endpoint_auth_methods_supported": ["private_key_jwt", "tls_client_auth"],
  "claims_parameter_supported": true,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "token_endpoint_auth_signing_alg_values_supported": ["PS256"],
  "acr_values_supported": ["urn:openbanking:psd2:sca"],
  "tls_client_certificate_bound_access_tokens": true
}
2020-07-15 13:51:29
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{
  "version": 1.0,
  "issuer": "https://api.ob.business.hsbc.co.uk",
  "authorization_endpoint": "https://ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/authorize",
  "registration_endpoint": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.2/oauth2/register",
  "token_endpoint": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token",
  "jwks_uri": "https://ob.business.hsbc.co.uk/jwks/public.jwks",
  "scopes_supported": ["accounts", "payments", "openid", "fundsconfirmations"],
  "claims_supported": ["sub","iss","auth_time","acr","openbanking_intent_id"],
  "response_types_supported": ["code id_token", "code"],
  "grant_types_supported": ["authorization_code", "client_credentials", "refresh_token"],
  "subject_types_supported": ["pairwise"],
  "id_token_signing_alg_values_supported": ["PS256"],
  "request_object_signing_alg_values_supported": ["PS256"],
  "token_endpoint_auth_methods_supported": ["private_key_jwt", "tls_client_auth"],
  "claims_parameter_supported": true,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "token_endpoint_auth_signing_alg_values_supported": ["PS256"],
  "acr_values_supported": ["urn:openbanking:psd2:sca"],
  "tls_client_certificate_bound_access_tokens": true
}
2020-07-15 13:51:29 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
version
1.0
issuer
https://api.ob.business.hsbc.co.uk
authorization_endpoint
https://ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/authorize
registration_endpoint
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.2/oauth2/register
token_endpoint
https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token
jwks_uri
https://ob.business.hsbc.co.uk/jwks/public.jwks
scopes_supported
[
  "accounts",
  "payments",
  "openid",
  "fundsconfirmations"
]
claims_supported
[
  "sub",
  "iss",
  "auth_time",
  "acr",
  "openbanking_intent_id"
]
response_types_supported
[
  "code id_token",
  "code"
]
grant_types_supported
[
  "authorization_code",
  "client_credentials",
  "refresh_token"
]
subject_types_supported
[
  "pairwise"
]
id_token_signing_alg_values_supported
[
  "PS256"
]
request_object_signing_alg_values_supported
[
  "PS256"
]
token_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "tls_client_auth"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
false
token_endpoint_auth_signing_alg_values_supported
[
  "PS256"
]
acr_values_supported
[
  "urn:openbanking:psd2:sca"
]
tls_client_certificate_bound_access_tokens
true
2020-07-15 13:51:29 INFO
AddMTLSEndpointAliasesToEnvironment
The mtls_endpoint_aliases is not present in the server configuration
server
{
  "version": 1.0,
  "issuer": "https://api.ob.business.hsbc.co.uk",
  "authorization_endpoint": "https://ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/authorize",
  "registration_endpoint": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.2/oauth2/register",
  "token_endpoint": "https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token",
  "jwks_uri": "https://ob.business.hsbc.co.uk/jwks/public.jwks",
  "scopes_supported": [
    "accounts",
    "payments",
    "openid",
    "fundsconfirmations"
  ],
  "claims_supported": [
    "sub",
    "iss",
    "auth_time",
    "acr",
    "openbanking_intent_id"
  ],
  "response_types_supported": [
    "code id_token",
    "code"
  ],
  "grant_types_supported": [
    "authorization_code",
    "client_credentials",
    "refresh_token"
  ],
  "subject_types_supported": [
    "pairwise"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt",
    "tls_client_auth"
  ],
  "claims_parameter_supported": true,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ],
  "acr_values_supported": [
    "urn:openbanking:psd2:sca"
  ],
  "tls_client_certificate_bound_access_tokens": true
}
2020-07-15 13:51:29 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2020-07-15 13:51:29 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "api.ob.business.hsbc.co.uk",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "ob.business.hsbc.co.uk",
  "testPort": 443
}
token_endpoint
{
  "testHost": "api.ob.business.hsbc.co.uk",
  "testPort": 443
}
userinfo_endpoint
2020-07-15 13:51:29
FetchServerKeys
Fetching server key
jwks_uri
https://ob.business.hsbc.co.uk/jwks/public.jwks
2020-07-15 13:51:29
FetchServerKeys
HTTP request
request_uri
https://ob.business.hsbc.co.uk/jwks/public.jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-07-15 13:51:29 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "binary/octet-stream",
  "content-length": "2740",
  "connection": "keep-alive",
  "date": "Wed, 15 Jul 2020 10:57:39 GMT",
  "last-modified": "Mon, 20 Jan 2020 15:53:54 GMT",
  "etag": "\"7a29613942e52cf77a681e0598cdd257\"",
  "x-amz-server-side-encryption": "AES256",
  "x-amz-version-id": "nu9pEf1SixyXJvQfut04vPYAmak0rILv",
  "accept-ranges": "bytes",
  "server": "AmazonS3",
  "x-cache": "Hit from cloudfront",
  "via": "1.1 e8082db8b3cd380fb1a7e784ec7460b9.cloudfront.net (CloudFront)",
  "x-amz-cf-pop": "MIA3-C2",
  "x-amz-cf-id": "cmkQqsFHdcTqEH8sJYz94yqA_CVTC6_MUH3bkJ6HQ15BewMEZEld0A\u003d\u003d",
  "age": "10431"
}
response_body
{
	"keys" : [{
			"kty" : "RSA",
			"x5t#S256" : "N9ma6qWKxCnw3WlJi8-sjy6-K-0zZllYAKZYWYQBCac",
			"e" : "AQAB",
			"use" : "sig",
			"kid" : "external",
			"x5c" : ["MIIGXzCCBUegAwIBAgIQC9gB6Oun1vt7she1GImF\/zANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMTIwMDAwMDAwWhcNMjAwOTI2MTIwMDAwWjCBlzELMAkGA1UEBhMCR0IxDzANBgNVBAcTBkxvbmRvbjEvMC0GA1UEChMmSFNCQyBHcm91cCBNYW5hZ2VtZW50IFNlcnZpY2VzIExpbWl0ZWQxGTAXBgNVBAsTEEhEUyBPcGVuIEJhbmtpbmcxKzApBgNVBAMTIlBTRDItRXh0ZXJuYWwtU2lnbmF0dXJlLmhzYmMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUZllOaY7S7Ml8WTw6UfqpRRFTnN\/5wA6UruvE4hpi+0ena0r6\/NOYUvysGKCHbGGjIlxfbulOk1vG3isEu5Jd7oQq9rLA1Dycr5tsTEmf3d5LAnrxf5UKe7VmvFPqbimomh251gOcN0Gb3hJyKCFsspYMDYD+eYXEumn9L3UL6PzdzN2LCvkuuPfqfMfF8ttheDbzv+I0EV630RPN3nHTVjOXPgvTvK5STKKv1z5qUGA9M83A8NGtY7XgICMoc\/bd2We5gUtBu3RrvOJsdsE0l4wqju4HqfCyPzAavBFhipfymcxPebhnQ++nhbWbQ6NPqS95NVcOCRAOdzRNZuppAgMBAAGjggLuMIIC6jAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUoyXF9vfBfUV1641lfcljK+RZVOUwLQYDVR0RBCYwJIIiUFNEMi1FeHRlcm5hbC1TaWduYXR1cmUuaHNiYy5jby51azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG\/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFvwwL8uwAABAMASDBGAiEAhvsrEmj6p1XrK9vinMfOHLuC3rKOq5QshRXDakP1Vo8CIQDrdunYFLP0mpJPwz4AcPP9KwCP9lUw6x7uqF7WB1LPYwB1AF6nc\/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABb8MC\/GYAAAQDAEYwRAIgZ7Rgk3\/LeNnJuHymSbB0j8RM86r\/By8rQ7ZLIrbMELwCIGIXrLCtJqoOXHpUFYyZktms22fdmgtoIYumdSt1fYAfMA0GCSqGSIb3DQEBCwUAA4IBAQAHL1sC8cnIQG+wQpRo3V02\/ZSRLNbFI1g++Y0pgQfu1xqHaJVDB9ZYF8EeBTD7abt22d6XNjJ6qm5b1CJyeoA9fK\/b3QycGNP8CF3P+EUxdaVE6pfnQbbare80nO97iA3ZJrztaI6rJQgNhDtN8IA5fvsjxbgivuIt7MKS0tkDfFyquE3WUb7q4Is8G4J1tR2Po9z3JPkukKTe3ulke2DiFMTvZDtZRaRbgtKUBVBaABkhA1eBcqK6DdW\/xBd54cmyGFrVQT123o9BYvqATPaDwGWZtKbRSlfPbo7qDyzXj\/IQDvooBqwOHEc6SQ+cTn09KW1Ql34fXSwBfPcF1i\/G"],
			"n" : "lGZZTmmO0uzJfFk8OlH6qUURU5zf-cAOlK7rxOIaYvtHp2tK-vzTmFL8rBigh2xhoyJcX27pTpNbxt4rBLuSXe6EKvaywNQ8nK-bbExJn93eSwJ68X-VCnu1ZrxT6m4pqJodudYDnDdBm94ScighbLKWDA2A_nmFxLpp_S91C-j83czdiwr5Lrj36nzHxfLbYXg287_iNBFet9ETzd5x01Yzlz4L07yuUkyir9c-alBgPTPNwPDRrWO14CAjKHP23dlnuYFLQbt0a7zibHbBNJeMKo7uB6nwsj8wGrwRYYqX8pnMT3m4Z0Pvp4W1m0OjT6kveTVXDgkQDnc0TWbqaQ"
		}
	]
}
2020-07-15 13:51:29
FetchServerKeys
Found JWK set string
jwk_string
{
	"keys" : [{
			"kty" : "RSA",
			"x5t#S256" : "N9ma6qWKxCnw3WlJi8-sjy6-K-0zZllYAKZYWYQBCac",
			"e" : "AQAB",
			"use" : "sig",
			"kid" : "external",
			"x5c" : ["MIIGXzCCBUegAwIBAgIQC9gB6Oun1vt7she1GImF\/zANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMTIwMDAwMDAwWhcNMjAwOTI2MTIwMDAwWjCBlzELMAkGA1UEBhMCR0IxDzANBgNVBAcTBkxvbmRvbjEvMC0GA1UEChMmSFNCQyBHcm91cCBNYW5hZ2VtZW50IFNlcnZpY2VzIExpbWl0ZWQxGTAXBgNVBAsTEEhEUyBPcGVuIEJhbmtpbmcxKzApBgNVBAMTIlBTRDItRXh0ZXJuYWwtU2lnbmF0dXJlLmhzYmMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUZllOaY7S7Ml8WTw6UfqpRRFTnN\/5wA6UruvE4hpi+0ena0r6\/NOYUvysGKCHbGGjIlxfbulOk1vG3isEu5Jd7oQq9rLA1Dycr5tsTEmf3d5LAnrxf5UKe7VmvFPqbimomh251gOcN0Gb3hJyKCFsspYMDYD+eYXEumn9L3UL6PzdzN2LCvkuuPfqfMfF8ttheDbzv+I0EV630RPN3nHTVjOXPgvTvK5STKKv1z5qUGA9M83A8NGtY7XgICMoc\/bd2We5gUtBu3RrvOJsdsE0l4wqju4HqfCyPzAavBFhipfymcxPebhnQ++nhbWbQ6NPqS95NVcOCRAOdzRNZuppAgMBAAGjggLuMIIC6jAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUoyXF9vfBfUV1641lfcljK+RZVOUwLQYDVR0RBCYwJIIiUFNEMi1FeHRlcm5hbC1TaWduYXR1cmUuaHNiYy5jby51azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG\/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFvwwL8uwAABAMASDBGAiEAhvsrEmj6p1XrK9vinMfOHLuC3rKOq5QshRXDakP1Vo8CIQDrdunYFLP0mpJPwz4AcPP9KwCP9lUw6x7uqF7WB1LPYwB1AF6nc\/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABb8MC\/GYAAAQDAEYwRAIgZ7Rgk3\/LeNnJuHymSbB0j8RM86r\/By8rQ7ZLIrbMELwCIGIXrLCtJqoOXHpUFYyZktms22fdmgtoIYumdSt1fYAfMA0GCSqGSIb3DQEBCwUAA4IBAQAHL1sC8cnIQG+wQpRo3V02\/ZSRLNbFI1g++Y0pgQfu1xqHaJVDB9ZYF8EeBTD7abt22d6XNjJ6qm5b1CJyeoA9fK\/b3QycGNP8CF3P+EUxdaVE6pfnQbbare80nO97iA3ZJrztaI6rJQgNhDtN8IA5fvsjxbgivuIt7MKS0tkDfFyquE3WUb7q4Is8G4J1tR2Po9z3JPkukKTe3ulke2DiFMTvZDtZRaRbgtKUBVBaABkhA1eBcqK6DdW\/xBd54cmyGFrVQT123o9BYvqATPaDwGWZtKbRSlfPbo7qDyzXj\/IQDvooBqwOHEc6SQ+cTn09KW1Ql34fXSwBfPcF1i\/G"],
			"n" : "lGZZTmmO0uzJfFk8OlH6qUURU5zf-cAOlK7rxOIaYvtHp2tK-vzTmFL8rBigh2xhoyJcX27pTpNbxt4rBLuSXe6EKvaywNQ8nK-bbExJn93eSwJ68X-VCnu1ZrxT6m4pqJodudYDnDdBm94ScighbLKWDA2A_nmFxLpp_S91C-j83czdiwr5Lrj36nzHxfLbYXg287_iNBFet9ETzd5x01Yzlz4L07yuUkyir9c-alBgPTPNwPDRrWO14CAjKHP23dlnuYFLQbt0a7zibHbBNJeMKo7uB6nwsj8wGrwRYYqX8pnMT3m4Z0Pvp4W1m0OjT6kveTVXDgkQDnc0TWbqaQ"
		}
	]
}
2020-07-15 13:51:29 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "x5t#S256": "N9ma6qWKxCnw3WlJi8-sjy6-K-0zZllYAKZYWYQBCac",
      "e": "AQAB",
      "use": "sig",
      "kid": "external",
      "x5c": [
        "MIIGXzCCBUegAwIBAgIQC9gB6Oun1vt7she1GImF/zANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMTIwMDAwMDAwWhcNMjAwOTI2MTIwMDAwWjCBlzELMAkGA1UEBhMCR0IxDzANBgNVBAcTBkxvbmRvbjEvMC0GA1UEChMmSFNCQyBHcm91cCBNYW5hZ2VtZW50IFNlcnZpY2VzIExpbWl0ZWQxGTAXBgNVBAsTEEhEUyBPcGVuIEJhbmtpbmcxKzApBgNVBAMTIlBTRDItRXh0ZXJuYWwtU2lnbmF0dXJlLmhzYmMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUZllOaY7S7Ml8WTw6UfqpRRFTnN/5wA6UruvE4hpi+0ena0r6/NOYUvysGKCHbGGjIlxfbulOk1vG3isEu5Jd7oQq9rLA1Dycr5tsTEmf3d5LAnrxf5UKe7VmvFPqbimomh251gOcN0Gb3hJyKCFsspYMDYD+eYXEumn9L3UL6PzdzN2LCvkuuPfqfMfF8ttheDbzv+I0EV630RPN3nHTVjOXPgvTvK5STKKv1z5qUGA9M83A8NGtY7XgICMoc/bd2We5gUtBu3RrvOJsdsE0l4wqju4HqfCyPzAavBFhipfymcxPebhnQ++nhbWbQ6NPqS95NVcOCRAOdzRNZuppAgMBAAGjggLuMIIC6jAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUoyXF9vfBfUV1641lfcljK+RZVOUwLQYDVR0RBCYwJIIiUFNEMi1FeHRlcm5hbC1TaWduYXR1cmUuaHNiYy5jby51azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFvwwL8uwAABAMASDBGAiEAhvsrEmj6p1XrK9vinMfOHLuC3rKOq5QshRXDakP1Vo8CIQDrdunYFLP0mpJPwz4AcPP9KwCP9lUw6x7uqF7WB1LPYwB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABb8MC/GYAAAQDAEYwRAIgZ7Rgk3/LeNnJuHymSbB0j8RM86r/By8rQ7ZLIrbMELwCIGIXrLCtJqoOXHpUFYyZktms22fdmgtoIYumdSt1fYAfMA0GCSqGSIb3DQEBCwUAA4IBAQAHL1sC8cnIQG+wQpRo3V02/ZSRLNbFI1g++Y0pgQfu1xqHaJVDB9ZYF8EeBTD7abt22d6XNjJ6qm5b1CJyeoA9fK/b3QycGNP8CF3P+EUxdaVE6pfnQbbare80nO97iA3ZJrztaI6rJQgNhDtN8IA5fvsjxbgivuIt7MKS0tkDfFyquE3WUb7q4Is8G4J1tR2Po9z3JPkukKTe3ulke2DiFMTvZDtZRaRbgtKUBVBaABkhA1eBcqK6DdW/xBd54cmyGFrVQT123o9BYvqATPaDwGWZtKbRSlfPbo7qDyzXj/IQDvooBqwOHEc6SQ+cTn09KW1Ql34fXSwBfPcF1i/G"
      ],
      "n": "lGZZTmmO0uzJfFk8OlH6qUURU5zf-cAOlK7rxOIaYvtHp2tK-vzTmFL8rBigh2xhoyJcX27pTpNbxt4rBLuSXe6EKvaywNQ8nK-bbExJn93eSwJ68X-VCnu1ZrxT6m4pqJodudYDnDdBm94ScighbLKWDA2A_nmFxLpp_S91C-j83czdiwr5Lrj36nzHxfLbYXg287_iNBFet9ETzd5x01Yzlz4L07yuUkyir9c-alBgPTPNwPDRrWO14CAjKHP23dlnuYFLQbt0a7zibHbBNJeMKo7uB6nwsj8wGrwRYYqX8pnMT3m4Z0Pvp4W1m0OjT6kveTVXDgkQDnc0TWbqaQ"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "x5t#S256": "N9ma6qWKxCnw3WlJi8-sjy6-K-0zZllYAKZYWYQBCac",
      "e": "AQAB",
      "use": "sig",
      "kid": "external",
      "x5c": [
        "MIIGXzCCBUegAwIBAgIQC9gB6Oun1vt7she1GImF/zANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMTIwMDAwMDAwWhcNMjAwOTI2MTIwMDAwWjCBlzELMAkGA1UEBhMCR0IxDzANBgNVBAcTBkxvbmRvbjEvMC0GA1UEChMmSFNCQyBHcm91cCBNYW5hZ2VtZW50IFNlcnZpY2VzIExpbWl0ZWQxGTAXBgNVBAsTEEhEUyBPcGVuIEJhbmtpbmcxKzApBgNVBAMTIlBTRDItRXh0ZXJuYWwtU2lnbmF0dXJlLmhzYmMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUZllOaY7S7Ml8WTw6UfqpRRFTnN/5wA6UruvE4hpi+0ena0r6/NOYUvysGKCHbGGjIlxfbulOk1vG3isEu5Jd7oQq9rLA1Dycr5tsTEmf3d5LAnrxf5UKe7VmvFPqbimomh251gOcN0Gb3hJyKCFsspYMDYD+eYXEumn9L3UL6PzdzN2LCvkuuPfqfMfF8ttheDbzv+I0EV630RPN3nHTVjOXPgvTvK5STKKv1z5qUGA9M83A8NGtY7XgICMoc/bd2We5gUtBu3RrvOJsdsE0l4wqju4HqfCyPzAavBFhipfymcxPebhnQ++nhbWbQ6NPqS95NVcOCRAOdzRNZuppAgMBAAGjggLuMIIC6jAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUoyXF9vfBfUV1641lfcljK+RZVOUwLQYDVR0RBCYwJIIiUFNEMi1FeHRlcm5hbC1TaWduYXR1cmUuaHNiYy5jby51azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFvwwL8uwAABAMASDBGAiEAhvsrEmj6p1XrK9vinMfOHLuC3rKOq5QshRXDakP1Vo8CIQDrdunYFLP0mpJPwz4AcPP9KwCP9lUw6x7uqF7WB1LPYwB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABb8MC/GYAAAQDAEYwRAIgZ7Rgk3/LeNnJuHymSbB0j8RM86r/By8rQ7ZLIrbMELwCIGIXrLCtJqoOXHpUFYyZktms22fdmgtoIYumdSt1fYAfMA0GCSqGSIb3DQEBCwUAA4IBAQAHL1sC8cnIQG+wQpRo3V02/ZSRLNbFI1g++Y0pgQfu1xqHaJVDB9ZYF8EeBTD7abt22d6XNjJ6qm5b1CJyeoA9fK/b3QycGNP8CF3P+EUxdaVE6pfnQbbare80nO97iA3ZJrztaI6rJQgNhDtN8IA5fvsjxbgivuIt7MKS0tkDfFyquE3WUb7q4Is8G4J1tR2Po9z3JPkukKTe3ulke2DiFMTvZDtZRaRbgtKUBVBaABkhA1eBcqK6DdW/xBd54cmyGFrVQT123o9BYvqATPaDwGWZtKbRSlfPbo7qDyzXj/IQDvooBqwOHEc6SQ+cTn09KW1Ql34fXSwBfPcF1i/G"
      ],
      "n": "lGZZTmmO0uzJfFk8OlH6qUURU5zf-cAOlK7rxOIaYvtHp2tK-vzTmFL8rBigh2xhoyJcX27pTpNbxt4rBLuSXe6EKvaywNQ8nK-bbExJn93eSwJ68X-VCnu1ZrxT6m4pqJodudYDnDdBm94ScighbLKWDA2A_nmFxLpp_S91C-j83czdiwr5Lrj36nzHxfLbYXg287_iNBFet9ETzd5x01Yzlz4L07yuUkyir9c-alBgPTPNwPDRrWO14CAjKHP23dlnuYFLQbt0a7zibHbBNJeMKo7uB6nwsj8wGrwRYYqX8pnMT3m4Z0Pvp4W1m0OjT6kveTVXDgkQDnc0TWbqaQ"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
ValidateServerJWKs
Valid server JWKs
2020-07-15 13:51:29 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2020-07-15 13:51:29 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2020-07-15 13:51:29 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "x5t#S256": "N9ma6qWKxCnw3WlJi8-sjy6-K-0zZllYAKZYWYQBCac",
      "e": "AQAB",
      "use": "sig",
      "kid": "external",
      "x5c": [
        "MIIGXzCCBUegAwIBAgIQC9gB6Oun1vt7she1GImF/zANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMTIwMDAwMDAwWhcNMjAwOTI2MTIwMDAwWjCBlzELMAkGA1UEBhMCR0IxDzANBgNVBAcTBkxvbmRvbjEvMC0GA1UEChMmSFNCQyBHcm91cCBNYW5hZ2VtZW50IFNlcnZpY2VzIExpbWl0ZWQxGTAXBgNVBAsTEEhEUyBPcGVuIEJhbmtpbmcxKzApBgNVBAMTIlBTRDItRXh0ZXJuYWwtU2lnbmF0dXJlLmhzYmMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUZllOaY7S7Ml8WTw6UfqpRRFTnN/5wA6UruvE4hpi+0ena0r6/NOYUvysGKCHbGGjIlxfbulOk1vG3isEu5Jd7oQq9rLA1Dycr5tsTEmf3d5LAnrxf5UKe7VmvFPqbimomh251gOcN0Gb3hJyKCFsspYMDYD+eYXEumn9L3UL6PzdzN2LCvkuuPfqfMfF8ttheDbzv+I0EV630RPN3nHTVjOXPgvTvK5STKKv1z5qUGA9M83A8NGtY7XgICMoc/bd2We5gUtBu3RrvOJsdsE0l4wqju4HqfCyPzAavBFhipfymcxPebhnQ++nhbWbQ6NPqS95NVcOCRAOdzRNZuppAgMBAAGjggLuMIIC6jAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUoyXF9vfBfUV1641lfcljK+RZVOUwLQYDVR0RBCYwJIIiUFNEMi1FeHRlcm5hbC1TaWduYXR1cmUuaHNiYy5jby51azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFvwwL8uwAABAMASDBGAiEAhvsrEmj6p1XrK9vinMfOHLuC3rKOq5QshRXDakP1Vo8CIQDrdunYFLP0mpJPwz4AcPP9KwCP9lUw6x7uqF7WB1LPYwB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABb8MC/GYAAAQDAEYwRAIgZ7Rgk3/LeNnJuHymSbB0j8RM86r/By8rQ7ZLIrbMELwCIGIXrLCtJqoOXHpUFYyZktms22fdmgtoIYumdSt1fYAfMA0GCSqGSIb3DQEBCwUAA4IBAQAHL1sC8cnIQG+wQpRo3V02/ZSRLNbFI1g++Y0pgQfu1xqHaJVDB9ZYF8EeBTD7abt22d6XNjJ6qm5b1CJyeoA9fK/b3QycGNP8CF3P+EUxdaVE6pfnQbbare80nO97iA3ZJrztaI6rJQgNhDtN8IA5fvsjxbgivuIt7MKS0tkDfFyquE3WUb7q4Is8G4J1tR2Po9z3JPkukKTe3ulke2DiFMTvZDtZRaRbgtKUBVBaABkhA1eBcqK6DdW/xBd54cmyGFrVQT123o9BYvqATPaDwGWZtKbRSlfPbo7qDyzXj/IQDvooBqwOHEc6SQ+cTn09KW1Ql34fXSwBfPcF1i/G"
      ],
      "n": "lGZZTmmO0uzJfFk8OlH6qUURU5zf-cAOlK7rxOIaYvtHp2tK-vzTmFL8rBigh2xhoyJcX27pTpNbxt4rBLuSXe6EKvaywNQ8nK-bbExJn93eSwJ68X-VCnu1ZrxT6m4pqJodudYDnDdBm94ScighbLKWDA2A_nmFxLpp_S91C-j83czdiwr5Lrj36nzHxfLbYXg287_iNBFet9ETzd5x01Yzlz4L07yuUkyir9c-alBgPTPNwPDRrWO14CAjKHP23dlnuYFLQbt0a7zibHbBNJeMKo7uB6nwsj8wGrwRYYqX8pnMT3m4Z0Pvp4W1m0OjT6kveTVXDgkQDnc0TWbqaQ"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
scope
openid accounts
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "alg": "PS256",
      "kid": "AJ5cA_0bYqlluK0ApjptWjUgkJs",
      "n": "s_ghKALWz1Q6pzU-FcWHJ4Wg_WHPbN2XbMLkyGIc8aCFnkF6YcSDaIgoCfO6DLn2DsQAxDnbX6wGfnLg-jBQ9yPTnXRhv9BFB7r-wipt8haz4Q7BrVGl_K3EiGbRwFrCsE9xLGR_uZhZ1Wgai_kR2AG6IPBqfoa_xBkNRubEtVIdMNNVfpgrjh28IqcIW3n-TvVyLWmenKNN6mkRsWJXAW4OFjue8s0eh0Qr_bIfXafkJTb-moTKyh2W7owph55egU_1-S0Qug9af_upTJKdT4AHvFzd4leLhv0t07G9kJdM65CpWc10hBvHLwALsrEopyFDEjFaWxvbPmvF8OOpCw",
      "e": "AQAB",
      "d": "GqMLJUTmTmGFHOKAgfBuhKb-oQItFUvm8a4W9qGu7wR3Qmkml_niCUK9yltMmj2b8auJAYIeuhZYD7cpHV6xXSLsW02yehV1YiOHOW3WQBKkJRduCx0emDuP7zBoszO7xSS893kYfnvSMAfshfMjdPksd1ueJ4QCNiAPGwNk8gEplKtV28yFW_w10MKTqahBhmKPlgryEXo-iXWYmk_3j6Q3xrX0tcdUEh4JoU1fZTWq-31JAOsigVgZC3_k7dwHQJKGB4ik-eSzN_9lksJWO5jQPhbgwmFAHtsSC88E8poFR85Ialbu8FbTvL7mBb5tmaCIh1b6PlyS45IRIfQ8AQ",
      "p": "6ZbDeMrzFFFAWEuROs1w61RpP_8Zd8r9IuFBM2LVAjWud_07d6tRPDAqEQnE-YYZEXq8VN9g5RCEB2aCs6CQxVB1iqo4Nspa_DgEtKmDRswfZ4qjQATeF3JzIZFXHR6ZQAzhzh1R65RlFh_IBmE2gFXV8efdqknoI8uEpyzJbYE",
      "q": "xTxmXD_hcc0HJaK2rQi02m4_L4abGe24v12AEWdYZIkkNQEYxA2h1uaeEhpGBE8jI7X6mONAhW9sUJ_Dxmdlt68QgaJjrudSDlk1aOo25j6SqzPBCWebzWMaOobxx1tSnNCndfsnXUA29BsUDhA6EVrzN58Y2FvDd0KiKpbHNIs",
      "dp": "075m00ilsPU2btORgsxYX_rUrb6BR6YqcUPf5sTgcnBXB032ajRSH01J1MgWVlrIvp-TuRwEqaCfDlZOhKY4laSp6FkFPCWS9K-TFHHVHohKr4FtGstOx9JnqzYk0bC7GuSSjFTnvbV3LOcCW0YkMZGdrvuQZJ06YbhLN3_R2AE",
      "dq": "dBSvPb3PBnYfrbPNBZupLSFTiLoVELaLU_1IgXWsXUclixiBJenMBTmncIoMCT82NC9HNLIS6DWCrxTIWT3DbM7YzSLwviCgd5djSsMF2o6bLa2A__L9jGy2JBoFtEn4HhjjZhmRul0vuo0xSXGda1d265Z0PeoL6WXLIXup9C8",
      "qi": "J-cinRm-Eh_IddQhVeEAInmjqpFLPpJlAdAkrLdzktGq6l-TPeQh5G53VY-dl-hnfDfHWPoh7LLphEBFBSrVC9TGsFtpvycKCBdDcTQgGZLXwVid_WO_DdMwvEhCuoEDtyC_2BWkliF1OHTZUIxw2gNYjkzDegZTVH-AQLXKdeI"
    }
  ]
}
2020-07-15 13:51:29
ValidateMTLSCertificatesHeader
No certificate authority found for MTLS
2020-07-15 13:51:29 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2020-07-15 13:51:29
ExtractMTLSCertificatesFromConfiguration
No certificate authority found for MTLS
2020-07-15 13:51:29 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A==
key
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ==
2020-07-15 13:51:29 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs
2020-07-15 13:51:29 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "alg": "PS256",
      "kid": "AJ5cA_0bYqlluK0ApjptWjUgkJs",
      "n": "s_ghKALWz1Q6pzU-FcWHJ4Wg_WHPbN2XbMLkyGIc8aCFnkF6YcSDaIgoCfO6DLn2DsQAxDnbX6wGfnLg-jBQ9yPTnXRhv9BFB7r-wipt8haz4Q7BrVGl_K3EiGbRwFrCsE9xLGR_uZhZ1Wgai_kR2AG6IPBqfoa_xBkNRubEtVIdMNNVfpgrjh28IqcIW3n-TvVyLWmenKNN6mkRsWJXAW4OFjue8s0eh0Qr_bIfXafkJTb-moTKyh2W7owph55egU_1-S0Qug9af_upTJKdT4AHvFzd4leLhv0t07G9kJdM65CpWc10hBvHLwALsrEopyFDEjFaWxvbPmvF8OOpCw",
      "e": "AQAB",
      "d": "GqMLJUTmTmGFHOKAgfBuhKb-oQItFUvm8a4W9qGu7wR3Qmkml_niCUK9yltMmj2b8auJAYIeuhZYD7cpHV6xXSLsW02yehV1YiOHOW3WQBKkJRduCx0emDuP7zBoszO7xSS893kYfnvSMAfshfMjdPksd1ueJ4QCNiAPGwNk8gEplKtV28yFW_w10MKTqahBhmKPlgryEXo-iXWYmk_3j6Q3xrX0tcdUEh4JoU1fZTWq-31JAOsigVgZC3_k7dwHQJKGB4ik-eSzN_9lksJWO5jQPhbgwmFAHtsSC88E8poFR85Ialbu8FbTvL7mBb5tmaCIh1b6PlyS45IRIfQ8AQ",
      "p": "6ZbDeMrzFFFAWEuROs1w61RpP_8Zd8r9IuFBM2LVAjWud_07d6tRPDAqEQnE-YYZEXq8VN9g5RCEB2aCs6CQxVB1iqo4Nspa_DgEtKmDRswfZ4qjQATeF3JzIZFXHR6ZQAzhzh1R65RlFh_IBmE2gFXV8efdqknoI8uEpyzJbYE",
      "q": "xTxmXD_hcc0HJaK2rQi02m4_L4abGe24v12AEWdYZIkkNQEYxA2h1uaeEhpGBE8jI7X6mONAhW9sUJ_Dxmdlt68QgaJjrudSDlk1aOo25j6SqzPBCWebzWMaOobxx1tSnNCndfsnXUA29BsUDhA6EVrzN58Y2FvDd0KiKpbHNIs",
      "dp": "075m00ilsPU2btORgsxYX_rUrb6BR6YqcUPf5sTgcnBXB032ajRSH01J1MgWVlrIvp-TuRwEqaCfDlZOhKY4laSp6FkFPCWS9K-TFHHVHohKr4FtGstOx9JnqzYk0bC7GuSSjFTnvbV3LOcCW0YkMZGdrvuQZJ06YbhLN3_R2AE",
      "dq": "dBSvPb3PBnYfrbPNBZupLSFTiLoVELaLU_1IgXWsXUclixiBJenMBTmncIoMCT82NC9HNLIS6DWCrxTIWT3DbM7YzSLwviCgd5djSsMF2o6bLa2A__L9jGy2JBoFtEn4HhjjZhmRul0vuo0xSXGda1d265Z0PeoL6WXLIXup9C8",
      "qi": "J-cinRm-Eh_IddQhVeEAInmjqpFLPpJlAdAkrLdzktGq6l-TPeQh5G53VY-dl-hnfDfHWPoh7LLphEBFBSrVC9TGsFtpvycKCBdDcTQgGZLXwVid_WO_DdMwvEhCuoEDtyC_2BWkliF1OHTZUIxw2gNYjkzDegZTVH-AQLXKdeI"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "AJ5cA_0bYqlluK0ApjptWjUgkJs",
      "alg": "PS256",
      "n": "s_ghKALWz1Q6pzU-FcWHJ4Wg_WHPbN2XbMLkyGIc8aCFnkF6YcSDaIgoCfO6DLn2DsQAxDnbX6wGfnLg-jBQ9yPTnXRhv9BFB7r-wipt8haz4Q7BrVGl_K3EiGbRwFrCsE9xLGR_uZhZ1Wgai_kR2AG6IPBqfoa_xBkNRubEtVIdMNNVfpgrjh28IqcIW3n-TvVyLWmenKNN6mkRsWJXAW4OFjue8s0eh0Qr_bIfXafkJTb-moTKyh2W7owph55egU_1-S0Qug9af_upTJKdT4AHvFzd4leLhv0t07G9kJdM65CpWc10hBvHLwALsrEopyFDEjFaWxvbPmvF8OOpCw"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2020-07-15 13:51:29 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-07-15 13:51:29 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2020-07-15 13:51:29 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "alg": "PS256",
      "kid": "AJ5cA_0bYqlluK0ApjptWjUgkJs",
      "n": "s_ghKALWz1Q6pzU-FcWHJ4Wg_WHPbN2XbMLkyGIc8aCFnkF6YcSDaIgoCfO6DLn2DsQAxDnbX6wGfnLg-jBQ9yPTnXRhv9BFB7r-wipt8haz4Q7BrVGl_K3EiGbRwFrCsE9xLGR_uZhZ1Wgai_kR2AG6IPBqfoa_xBkNRubEtVIdMNNVfpgrjh28IqcIW3n-TvVyLWmenKNN6mkRsWJXAW4OFjue8s0eh0Qr_bIfXafkJTb-moTKyh2W7owph55egU_1-S0Qug9af_upTJKdT4AHvFzd4leLhv0t07G9kJdM65CpWc10hBvHLwALsrEopyFDEjFaWxvbPmvF8OOpCw",
      "e": "AQAB",
      "d": "GqMLJUTmTmGFHOKAgfBuhKb-oQItFUvm8a4W9qGu7wR3Qmkml_niCUK9yltMmj2b8auJAYIeuhZYD7cpHV6xXSLsW02yehV1YiOHOW3WQBKkJRduCx0emDuP7zBoszO7xSS893kYfnvSMAfshfMjdPksd1ueJ4QCNiAPGwNk8gEplKtV28yFW_w10MKTqahBhmKPlgryEXo-iXWYmk_3j6Q3xrX0tcdUEh4JoU1fZTWq-31JAOsigVgZC3_k7dwHQJKGB4ik-eSzN_9lksJWO5jQPhbgwmFAHtsSC88E8poFR85Ialbu8FbTvL7mBb5tmaCIh1b6PlyS45IRIfQ8AQ",
      "p": "6ZbDeMrzFFFAWEuROs1w61RpP_8Zd8r9IuFBM2LVAjWud_07d6tRPDAqEQnE-YYZEXq8VN9g5RCEB2aCs6CQxVB1iqo4Nspa_DgEtKmDRswfZ4qjQATeF3JzIZFXHR6ZQAzhzh1R65RlFh_IBmE2gFXV8efdqknoI8uEpyzJbYE",
      "q": "xTxmXD_hcc0HJaK2rQi02m4_L4abGe24v12AEWdYZIkkNQEYxA2h1uaeEhpGBE8jI7X6mONAhW9sUJ_Dxmdlt68QgaJjrudSDlk1aOo25j6SqzPBCWebzWMaOobxx1tSnNCndfsnXUA29BsUDhA6EVrzN58Y2FvDd0KiKpbHNIs",
      "dp": "075m00ilsPU2btORgsxYX_rUrb6BR6YqcUPf5sTgcnBXB032ajRSH01J1MgWVlrIvp-TuRwEqaCfDlZOhKY4laSp6FkFPCWS9K-TFHHVHohKr4FtGstOx9JnqzYk0bC7GuSSjFTnvbV3LOcCW0YkMZGdrvuQZJ06YbhLN3_R2AE",
      "dq": "dBSvPb3PBnYfrbPNBZupLSFTiLoVELaLU_1IgXWsXUclixiBJenMBTmncIoMCT82NC9HNLIS6DWCrxTIWT3DbM7YzSLwviCgd5djSsMF2o6bLa2A__L9jGy2JBoFtEn4HhjjZhmRul0vuo0xSXGda1d265Z0PeoL6WXLIXup9C8",
      "qi": "J-cinRm-Eh_IddQhVeEAInmjqpFLPpJlAdAkrLdzktGq6l-TPeQh5G53VY-dl-hnfDfHWPoh7LLphEBFBSrVC9TGsFtpvycKCBdDcTQgGZLXwVid_WO_DdMwvEhCuoEDtyC_2BWkliF1OHTZUIxw2gNYjkzDegZTVH-AQLXKdeI"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2020-07-15 13:51:29 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
0bb806ff-407b-4c22-b1c7-95340f841482
scope
openid accounts
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "alg": "PS256",
      "kid": "Vkh-Ct02Zjn_tq7tRLCY-yXBFJs",
      "n": "ypGvsPLXBWFKso71qpEGiP67A8wrHqulH3xbB1yo0FBdP0KfFIUTj4kiANEntXo00J88WjwPKLQ6GwhmsxCaVBSTMfV1ZTRMX-wGbYVPFMbW5As6sbGWGQpQ0jslPgPew0TJRuzYA8rFK3njkHH4B-E4QYnShDyXCuwH0Ifi7KsFA4imykpPcBKUalORRFmB60DWHbmEMf5ooJdqh4mtibg4YcS3QSzoItJVzU2yzVsyQqvlbrIK9-bjepFnNOpJ5z1rxzxIPDRt5fzzIbiRKib1lCH3aBbE9F72JvSZEEWxohm4Pd6-h4mPtKTw2Bz6bPjkk66k9N0WMkZFqe09_w",
      "e": "AQAB",
      "d": "XjrC9ZchOtl1O_aQhNWNqrCEIlIZRN0npKveVGBgDvczSTgedBcrcDukW6jvxdWhN-K62mbRzmd4GBciXu28PJyNlFHQWFGprX1HyC6ZCNsuH0qx9PLdFazcx87Hlj-Kol8fGiUWnzz11zGOECVT8aZs2t_X07ezs1r0j6aGgvx-MKTii4ZvezF01ivGhdWeC2luP53FHGNtwb-52HpAChQ0Jlj2AsQFJgh_1EErh9fZMojh03Z0PiizRlj_N4oMg0SULCA2OrnPoJO7d49BSeLqOg6GQCfCcB_rer-gWtNyd9qunALksLU9VQID1ezPJmPPMmroCJ1HBTLe79UfkQ",
      "p": "-st95wdpFTIiqnCyeLgrmzlzB6SPZ01FJFJLPWW5AGte3oZ32RjKMzTScjQpZ6gffrPfrEHpwyQaAUe7O943-LVlB-elpVc8K1fGCF0zSCO9OoXqxtY-0mQFMAYeBLLzi4iY9MI-_5gzTziLvSMpMJ4fVVvaK82NttBoQRPv2Ss",
      "q": "zsX2zcxPZD-TPbueVfOu5sUWqhIUQcozVCZqLMLKX7nunpNTe1uCEB-26u5drrZLF-KvossRrOirB8r5_u3jPUg03alwfighicLnj-6ARfnD1S4Eq0PqoonhusCyWCbxELE_0KTgLklSrJ-BxluVNXwg321afYYwQVl8199unH0",
      "dp": "OUCVGFWPvp_4W_JoO7jHc6MUyGzfs9Rm8Vi8BmMfbaIVQTVvTKclGbV4SUvxG9G8ht8nM5rEc6DdMueeLZeYLXWzf695GBqnCLn74lLsbw6Bl0eVBhlItBzTNlhfJ_F2OadQS6fAW_bx16bv95h8QbYHLyRN1OwS6uX-tsSHX4s",
      "dq": "rWO77h8hhAL7yYyG3bSWOdWTh9HZQsH4ANyltBsz8MnNmxQXsR2vFy5BCQgRbuxWVBU3CuAWVlRU9xfyQx_gqgberfHj7yZf2VGjNELfNc6XtS_9olA1dU8CBsSHyPv-seywgpl_k9DQjwjCnj82A7-vISxl8VSRKnuMAMnPy1E",
      "qi": "C7qyQO3RFiic8eADHunBZHHRiqcH4FWAmBFzBg_87PZIS66Jfyj6hktK9lQUlXNpBMO4zAq-2nm2ihKBUYeMiOeOKq9mqLAAUCJgmrrsgl0aa26-jFFf81JQZpYWXqpLoV5oHxkbz2DzA2EtLHcVL998ICK6q_1d4Tbr_YLaVfM"
    }
  ]
}
2020-07-15 13:51:29
ValidateMTLSCertificates2Header
No certificate authority found for MTLS
2020-07-15 13:51:29 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2020-07-15 13:51:29
ExtractMTLSCertificates2FromConfiguration
No certificate authority found for MTLS
2020-07-15 13:51:29 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIGHjCCBQagAwIBAgIEWf+vhDANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMjAwNjE5MDc1MDQxWhcNMjIwNjE5MDgyMDQxWjBdMQswCQYDVQQGEwJHQjEWMBQGA1UEChMNSFNCQyBCYW5rIHBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTExNDIxNjEbMBkGA1UEAxMSMDAxNTgwMDAwMGplb3gxQUFBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45S4jkoqOUkDvmx0fQcmAj0ccly2605u886xNABzTl1nMwP9Pg/FiPV8e8OzQZ9xIgmgB+iVau/BDQsLKvjFVu3qOLSGbKLFw0M+BxS/0aoTDbVEUntWlhlwvRRNHdStf5aq/OScVgpnGHwctCxwlAbPFIIFfEpBxPsyXJDIosubJCaC/P/RlXJlZBlum8y59sppfJtrsRx4Im6kndCzYzfjdogOwWOUGbxSIKNFIRml/jozorngd3KfKQfAyDOwUlbEvwq6fTqdASzFeOAuPEcgUptoBZrKYHrQe9UMMEtOoi3+r8j5zcAGqWHQqm0ezExbFKgW//Hr9lBgK1BaHwIDAQABo4IC/TCCAvkwDgYDVR0PAQH/BAQDAgeAMHoGCCsGAQUFBwEDBG4wbDATBgYEAI5GAQYwCQYHBACORgEGAzBVBgYEAIGYJwIwSzAkMCIGBwQAgZgnAQIMBlBTUF9QSQYHBACBmCcBAwwGUFNQX0FJDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBQoIn6Ety8TZj9GRDa5DN86OlSsODANBgkqhkiG9w0BAQsFAAOCAQEAiSq13ZVHuzXghDE7hyNumLrQRdL2a5ZeSI791HyusBAdoISktL1pShtEa0PM1keEknkE0cfO/qKDMjayNCQk/YeqZ58SgH4zbWn0p01rW9T9tdbr2dtqAx8encOUT8nBHodpKIH1BeB/DmE/TKd5NlHsDfOXE4CakKGvJb3qzz4/XdDBCCaD8odSQcbcK9Ss8OHMKjHm5DOLgQO7JOSDZLDd1MWdi5VmatsUPdaEY/bc+jhPCVGCfxg6A08Ukee8dFLCPGOp/Db/VPU9knBTwBCRZKnurpfaODuOZSrDzMSQiX1h5MrJWGc21Fhm1lH46T9V95h9QzKIEmRGKVajRw==
key
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDjlLiOSio5SQO+bHR9ByYCPRxyXLbrTm7zzrE0AHNOXWczA/0+D8WI9Xx7w7NBn3EiCaAH6JVq78ENCwsq+MVW7eo4tIZsosXDQz4HFL/RqhMNtURSe1aWGXC9FE0d1K1/lqr85JxWCmcYfBy0LHCUBs8UggV8SkHE+zJckMiiy5skJoL8/9GVcmVkGW6bzLn2yml8m2uxHHgibqSd0LNjN+N2iA7BY5QZvFIgo0UhGaX+OjOiueB3cp8pB8DIM7BSVsS/Crp9Op0BLMV44C48RyBSm2gFmspgetB71QwwS06iLf6vyPnNwAapYdCqbR7MTFsUqBb/8ev2UGArUFofAgMBAAECggEAVBEu75jj6g9Xq7MCgODwIGmUpYYsJ9XsVHGosc3syijko0q49ID89i/AkTNkdzw/nVQy4lj/QOZZyMioknIc65StLc85zM2AAjZHpnP6u6d4rFqmZ1WaUY4KQD5MklVq1bPBa/PC8GGdXcUTEVdNKtEtE6VIA3amvu4P13PAOaoMKecxmKVCu8sEAwf5FCw1rP7lQDVwz+PsOGiGCY/SnWOMJAMwPp4UverTzoVvNmrD7n3XMl5E0IIatAeij5Dr5ZCA1wmzOGO3fQPuIZsD1bETqITguG3hN5QaOWqsvBPzwcia2ANBH/ByJI4yUVIhYrSS033OvcOZyOMC2q02aQKBgQD6+NbrKj4HfNBhDZmbdLCVfHRfx8PUVK8vx2Fx7gXSRs+c2scvviFYZnFiH86hog+UIWopFa/5bdumScRDxjuip7bQLEyVlT8YeEBtGDSeSfISqB1FR+eWcWm/SyjKUrwrI2nWZdqACudI+7vikgFAKTmee7v30J+DrkhcqzkEdQKBgQDoI+peLtTUixhDksj/70B/3y4IG8n4kdTRMqNiUE42uHRmNbyo5OKVE6RsKpDhKzRNC7ac1mO9//e85vrABvno3KC2Y5MMzka/HvC7bI3wMF/N1N6197dk5l7436l+55DlUcc08KY6iJ3yBcCBXLJaM+R6Vhr/GHS/bpE2BLeBwwKBgERk9Az6YhUgSploX2giEM1sMTq48gE3Ytaee0vVFfkMGyAf7xBvvB6fLF8VU/Zwd9ZilM/FfUN4UNesWrQtnariEcwBho1tMti0TLpuUkig1juHXRK4WcCB/9OF5APfMDCBYiJvd3BViFo3YCiKqZSWp4EtLziFvjLgmA/JCazRAoGAdO+qnrjugwZyOY/Wan4luoQ9Ft6QtgMX9i2Q+fREAfKWx+nn2Bg8PyY+3DHw+0wdM3ZkDcs9QTeQnvqnc1XQS8nftyCfsYKzRpEaaP883LIxgGjrqzRWkKAvVSStp/yUE8BHHdbflXq+PW1CVKfSO/gJ7sozHS8/mDLlORXVLqsCgYAVQu4z+4I7clJasneCjcnL62cO1vbdSUK1M4M22P9QnpfIERa+frcV40X1/Sl3J7RgmNWdKEwX1hc9B94oBL/OrZxwv9mnuXvlAatJooGfoW+RUjsfx4+BepYIxXuOIzvXxcN8+XP8Dr+45gkfG8T8v2uVzxSfNAh+BqtZgR6g8Q==
2020-07-15 13:51:29 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs
2020-07-15 13:51:29 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "alg": "PS256",
      "kid": "Vkh-Ct02Zjn_tq7tRLCY-yXBFJs",
      "n": "ypGvsPLXBWFKso71qpEGiP67A8wrHqulH3xbB1yo0FBdP0KfFIUTj4kiANEntXo00J88WjwPKLQ6GwhmsxCaVBSTMfV1ZTRMX-wGbYVPFMbW5As6sbGWGQpQ0jslPgPew0TJRuzYA8rFK3njkHH4B-E4QYnShDyXCuwH0Ifi7KsFA4imykpPcBKUalORRFmB60DWHbmEMf5ooJdqh4mtibg4YcS3QSzoItJVzU2yzVsyQqvlbrIK9-bjepFnNOpJ5z1rxzxIPDRt5fzzIbiRKib1lCH3aBbE9F72JvSZEEWxohm4Pd6-h4mPtKTw2Bz6bPjkk66k9N0WMkZFqe09_w",
      "e": "AQAB",
      "d": "XjrC9ZchOtl1O_aQhNWNqrCEIlIZRN0npKveVGBgDvczSTgedBcrcDukW6jvxdWhN-K62mbRzmd4GBciXu28PJyNlFHQWFGprX1HyC6ZCNsuH0qx9PLdFazcx87Hlj-Kol8fGiUWnzz11zGOECVT8aZs2t_X07ezs1r0j6aGgvx-MKTii4ZvezF01ivGhdWeC2luP53FHGNtwb-52HpAChQ0Jlj2AsQFJgh_1EErh9fZMojh03Z0PiizRlj_N4oMg0SULCA2OrnPoJO7d49BSeLqOg6GQCfCcB_rer-gWtNyd9qunALksLU9VQID1ezPJmPPMmroCJ1HBTLe79UfkQ",
      "p": "-st95wdpFTIiqnCyeLgrmzlzB6SPZ01FJFJLPWW5AGte3oZ32RjKMzTScjQpZ6gffrPfrEHpwyQaAUe7O943-LVlB-elpVc8K1fGCF0zSCO9OoXqxtY-0mQFMAYeBLLzi4iY9MI-_5gzTziLvSMpMJ4fVVvaK82NttBoQRPv2Ss",
      "q": "zsX2zcxPZD-TPbueVfOu5sUWqhIUQcozVCZqLMLKX7nunpNTe1uCEB-26u5drrZLF-KvossRrOirB8r5_u3jPUg03alwfighicLnj-6ARfnD1S4Eq0PqoonhusCyWCbxELE_0KTgLklSrJ-BxluVNXwg321afYYwQVl8199unH0",
      "dp": "OUCVGFWPvp_4W_JoO7jHc6MUyGzfs9Rm8Vi8BmMfbaIVQTVvTKclGbV4SUvxG9G8ht8nM5rEc6DdMueeLZeYLXWzf695GBqnCLn74lLsbw6Bl0eVBhlItBzTNlhfJ_F2OadQS6fAW_bx16bv95h8QbYHLyRN1OwS6uX-tsSHX4s",
      "dq": "rWO77h8hhAL7yYyG3bSWOdWTh9HZQsH4ANyltBsz8MnNmxQXsR2vFy5BCQgRbuxWVBU3CuAWVlRU9xfyQx_gqgberfHj7yZf2VGjNELfNc6XtS_9olA1dU8CBsSHyPv-seywgpl_k9DQjwjCnj82A7-vISxl8VSRKnuMAMnPy1E",
      "qi": "C7qyQO3RFiic8eADHunBZHHRiqcH4FWAmBFzBg_87PZIS66Jfyj6hktK9lQUlXNpBMO4zAq-2nm2ihKBUYeMiOeOKq9mqLAAUCJgmrrsgl0aa26-jFFf81JQZpYWXqpLoV5oHxkbz2DzA2EtLHcVL998ICK6q_1d4Tbr_YLaVfM"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "Vkh-Ct02Zjn_tq7tRLCY-yXBFJs",
      "alg": "PS256",
      "n": "ypGvsPLXBWFKso71qpEGiP67A8wrHqulH3xbB1yo0FBdP0KfFIUTj4kiANEntXo00J88WjwPKLQ6GwhmsxCaVBSTMfV1ZTRMX-wGbYVPFMbW5As6sbGWGQpQ0jslPgPew0TJRuzYA8rFK3njkHH4B-E4QYnShDyXCuwH0Ifi7KsFA4imykpPcBKUalORRFmB60DWHbmEMf5ooJdqh4mtibg4YcS3QSzoItJVzU2yzVsyQqvlbrIK9-bjepFnNOpJ5z1rxzxIPDRt5fzzIbiRKib1lCH3aBbE9F72JvSZEEWxohm4Pd6-h4mPtKTw2Bz6bPjkk66k9N0WMkZFqe09_w"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2020-07-15 13:51:29 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-07-15 13:51:29 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2020-07-15 13:51:29 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "alg": "PS256",
      "kid": "Vkh-Ct02Zjn_tq7tRLCY-yXBFJs",
      "n": "ypGvsPLXBWFKso71qpEGiP67A8wrHqulH3xbB1yo0FBdP0KfFIUTj4kiANEntXo00J88WjwPKLQ6GwhmsxCaVBSTMfV1ZTRMX-wGbYVPFMbW5As6sbGWGQpQ0jslPgPew0TJRuzYA8rFK3njkHH4B-E4QYnShDyXCuwH0Ifi7KsFA4imykpPcBKUalORRFmB60DWHbmEMf5ooJdqh4mtibg4YcS3QSzoItJVzU2yzVsyQqvlbrIK9-bjepFnNOpJ5z1rxzxIPDRt5fzzIbiRKib1lCH3aBbE9F72JvSZEEWxohm4Pd6-h4mPtKTw2Bz6bPjkk66k9N0WMkZFqe09_w",
      "e": "AQAB",
      "d": "XjrC9ZchOtl1O_aQhNWNqrCEIlIZRN0npKveVGBgDvczSTgedBcrcDukW6jvxdWhN-K62mbRzmd4GBciXu28PJyNlFHQWFGprX1HyC6ZCNsuH0qx9PLdFazcx87Hlj-Kol8fGiUWnzz11zGOECVT8aZs2t_X07ezs1r0j6aGgvx-MKTii4ZvezF01ivGhdWeC2luP53FHGNtwb-52HpAChQ0Jlj2AsQFJgh_1EErh9fZMojh03Z0PiizRlj_N4oMg0SULCA2OrnPoJO7d49BSeLqOg6GQCfCcB_rer-gWtNyd9qunALksLU9VQID1ezPJmPPMmroCJ1HBTLe79UfkQ",
      "p": "-st95wdpFTIiqnCyeLgrmzlzB6SPZ01FJFJLPWW5AGte3oZ32RjKMzTScjQpZ6gffrPfrEHpwyQaAUe7O943-LVlB-elpVc8K1fGCF0zSCO9OoXqxtY-0mQFMAYeBLLzi4iY9MI-_5gzTziLvSMpMJ4fVVvaK82NttBoQRPv2Ss",
      "q": "zsX2zcxPZD-TPbueVfOu5sUWqhIUQcozVCZqLMLKX7nunpNTe1uCEB-26u5drrZLF-KvossRrOirB8r5_u3jPUg03alwfighicLnj-6ARfnD1S4Eq0PqoonhusCyWCbxELE_0KTgLklSrJ-BxluVNXwg321afYYwQVl8199unH0",
      "dp": "OUCVGFWPvp_4W_JoO7jHc6MUyGzfs9Rm8Vi8BmMfbaIVQTVvTKclGbV4SUvxG9G8ht8nM5rEc6DdMueeLZeYLXWzf695GBqnCLn74lLsbw6Bl0eVBhlItBzTNlhfJ_F2OadQS6fAW_bx16bv95h8QbYHLyRN1OwS6uX-tsSHX4s",
      "dq": "rWO77h8hhAL7yYyG3bSWOdWTh9HZQsH4ANyltBsz8MnNmxQXsR2vFy5BCQgRbuxWVBU3CuAWVlRU9xfyQx_gqgberfHj7yZf2VGjNELfNc6XtS_9olA1dU8CBsSHyPv-seywgpl_k9DQjwjCnj82A7-vISxl8VSRKnuMAMnPy1E",
      "qi": "C7qyQO3RFiic8eADHunBZHHRiqcH4FWAmBFzBg_87PZIS66Jfyj6hktK9lQUlXNpBMO4zAq-2nm2ihKBUYeMiOeOKq9mqLAAUCJgmrrsgl0aa26-jFFf81JQZpYWXqpLoV5oHxkbz2DzA2EtLHcVL998ICK6q_1d4Tbr_YLaVfM"
    }
  ]
}
2020-07-15 13:51:29 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2020-07-15 13:51:29 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/
institution_id
00158000016i44JAAQ
2020-07-15 13:51:29 SUCCESS
SetProtectedResourceUrlToAccountsEndpoint
Set protected resource URL
protected_resource_url
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/accounts
2020-07-15 13:51:29 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "api.ob.business.hsbc.co.uk",
  "testPort": 443
}
2020-07-15 13:51:29 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "api.ob.business.hsbc.co.uk",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "api.ob.business.hsbc.co.uk",
  "testPort": 443
}
2020-07-15 13:51:29
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Setup Done
Use client_credentials grant to obtain OpenBanking UK intent_id
2020-07-15 13:51:29 SUCCESS
CreateTokenEndpointRequestForClientCredentialsGrant
grant_type
client_credentials
scope
openid accounts
2020-07-15 13:51:29 SUCCESS
SetAccountScopeOnTokenEndpointRequest
Set scope parameter to accounts for OB testing
grant_type
client_credentials
scope
accounts
2020-07-15 13:51:29 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
client_credentials
scope
accounts
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
2020-07-15 13:51:29
CallTokenEndpoint
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "91"
}
request_body
grant_type=client_credentials&scope=accounts&client_id=a7c8a199-a747-484f-aab3-fc383e7e0c10
request_mutual_tls
{
  "cert": "MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A\u003d\u003d",
  "key": "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ\u003d\u003d"
}
2020-07-15 13:51:30 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:51:30 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "104",
  "connection": "keep-alive",
  "x-amzn-requestid": "cbb04c74-bd5b-417a-b589-8d10625d1835",
  "x-amz-apigw-id": "Pt57ZEEEDoEFdmQ\u003d",
  "x-amzn-trace-id": "Root\u003d1-5f0f09e2-4c87ce22b2ed6f7893cc291b;Sampled\u003d1",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"access_token":"JTkPLHCfIhjkUTmgyU43JMMQJwg","token_type":"Bearer","expires_in":299,"scope":"accounts"}
2020-07-15 13:51:30
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"JTkPLHCfIhjkUTmgyU43JMMQJwg","token_type":"Bearer","expires_in":299,"scope":"accounts"}
2020-07-15 13:51:30 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
JTkPLHCfIhjkUTmgyU43JMMQJwg
token_type
Bearer
expires_in
299
scope
accounts
2020-07-15 13:51:30 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-07-15 13:51:30 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
JTkPLHCfIhjkUTmgyU43JMMQJwg
2020-07-15 13:51:30 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
JTkPLHCfIhjkUTmgyU43JMMQJwg
type
Bearer
2020-07-15 13:51:30 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
299
2020-07-15 13:51:30 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
299
2020-07-15 13:51:30
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2020-07-15 13:51:30 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Wed, 15 Jul 2020 13:51:30 GMT"
}
2020-07-15 13:51:30
AddFAPIFinancialIdToResourceEndpointRequest
Added x-fapi-financial-id to resource_endpoint_request_headers
2020-07-15 13:51:30 SUCCESS
CreateCreateAccountRequestRequest
account_requests_endpoint_request
{
  "Data": {
    "Permissions": [
      "ReadAccountsBasic"
    ]
  },
  "Risk": {}
}
2020-07-15 13:51:30
CallAccountRequestsEndpointWithBearerToken
Found '/v3.' in the resource url, using OB V3 API 'account-access-consents'
resource_endpoint
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/
2020-07-15 13:51:30
CallAccountRequestsEndpointWithBearerToken
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/account-access-consents
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Wed, 15 Jul 2020 13:51:30 GMT",
  "x-fapi-financial-id": "00158000016i44JAAQ",
  "accept-charset": "utf-8",
  "content-type": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer JTkPLHCfIhjkUTmgyU43JMMQJwg",
  "content-length": "56"
}
request_body
{"Data":{"Permissions":["ReadAccountsBasic"]},"Risk":{}}
request_mutual_tls
{
  "cert": "MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A\u003d\u003d",
  "key": "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ\u003d\u003d"
}
2020-07-15 13:51:31 RESPONSE
CallAccountRequestsEndpointWithBearerToken
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:51:31 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "content-length": "405",
  "connection": "keep-alive",
  "x-amzn-requestid": "ecf5bb19-e25b-4f44-b2cd-7342102a5ba8",
  "x-amz-apigw-id": "Pt57gGC5DoEFpow\u003d",
  "x-fapi-interaction-id": "6b60bcd8-77ea-48cf-acf7-7ce3ebc40ac0",
  "x-amzn-trace-id": "Root\u003d1-5f0f09e3-c8ece3e28de1a5c494354706;Sampled\u003d1",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"Data":{"ConsentId":"2273b43d-47c3-4ef1-9164-3c0a2c4881cd","Status":"AwaitingAuthorisation","StatusUpdateDateTime":"2020-07-15T13:51:31+00:00","CreationDateTime":"2020-07-15T13:51:31+00:00","Permissions":["ReadAccountsBasic"]},"Links":{"Self":"https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/account-access-consents/2273b43d-47c3-4ef1-9164-3c0a2c4881cd"},"Meta":{"TotalPages":1},"Risk":{}}
2020-07-15 13:51:31
CallAccountRequestsEndpointWithBearerToken
Account requests endpoint response
account_requests_endpoint_response
{"Data":{"ConsentId":"2273b43d-47c3-4ef1-9164-3c0a2c4881cd","Status":"AwaitingAuthorisation","StatusUpdateDateTime":"2020-07-15T13:51:31+00:00","CreationDateTime":"2020-07-15T13:51:31+00:00","Permissions":["ReadAccountsBasic"]},"Links":{"Self":"https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/account-access-consents/2273b43d-47c3-4ef1-9164-3c0a2c4881cd"},"Meta":{"TotalPages":1},"Risk":{}}
2020-07-15 13:51:31 SUCCESS
CallAccountRequestsEndpointWithBearerToken
Parsed account requests endpoint response
headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:51:31 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "content-length": "405",
  "connection": "keep-alive",
  "x-amzn-requestid": "ecf5bb19-e25b-4f44-b2cd-7342102a5ba8",
  "x-amz-apigw-id": "Pt57gGC5DoEFpow\u003d",
  "x-fapi-interaction-id": "6b60bcd8-77ea-48cf-acf7-7ce3ebc40ac0",
  "x-amzn-trace-id": "Root\u003d1-5f0f09e3-c8ece3e28de1a5c494354706;Sampled\u003d1",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
body
{"Data":{"ConsentId":"2273b43d-47c3-4ef1-9164-3c0a2c4881cd","Status":"AwaitingAuthorisation","StatusUpdateDateTime":"2020-07-15T13:51:31+00:00","CreationDateTime":"2020-07-15T13:51:31+00:00","Permissions":["ReadAccountsBasic"]},"Links":{"Self":"https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/account-access-consents/2273b43d-47c3-4ef1-9164-3c0a2c4881cd"},"Meta":{"TotalPages":1},"Risk":{}}
2020-07-15 13:51:31 SUCCESS
CheckIfAccountRequestsEndpointResponseError
No error from account requests endpoint
2020-07-15 13:51:31 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
6b60bcd8-77ea-48cf-acf7-7ce3ebc40ac0
2020-07-15 13:51:31 SUCCESS
ExtractAccountRequestIdFromAccountRequestsEndpointResponse
Extracted the account request ID
account_request_id
2273b43d-47c3-4ef1-9164-3c0a2c4881cd
Make request to authorization endpoint
2020-07-15 13:51:31 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
scope
openid accounts
2020-07-15 13:51:31 SUCCESS
AddAccountRequestIdToAuthorizationEndpointRequest
Added openbanking_intent_id claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "a7c8a199-a747-484f-aab3-fc383e7e0c10",
  "redirect_uri": "https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback",
  "scope": "openid accounts",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
        "essential": true
      }
    }
  }
}
2020-07-15 13:51:31 SUCCESS
OpenBankingUkAddMultipleAcrClaimsToAuthorizationEndpointRequest
Added acr to request as an essential id_token claim
authorization_endpoint_request
{
  "client_id": "a7c8a199-a747-484f-aab3-fc383e7e0c10",
  "redirect_uri": "https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback",
  "scope": "openid accounts",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  }
}
2020-07-15 13:51:31
CreateRandomStateValue
Created state value
requested_state_length
10
state
MPcwI8rlmX
2020-07-15 13:51:31 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
scope
openid accounts
claims
{
  "id_token": {
    "openbanking_intent_id": {
      "value": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
      "essential": true
    },
    "acr": {
      "values": [
        "urn:openbanking:psd2:sca",
        "urn:openbanking:psd2:ca"
      ],
      "essential": true
    }
  }
}
state
MPcwI8rlmX
2020-07-15 13:51:31
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
Uba4kkyQUw
2020-07-15 13:51:31 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
scope
openid accounts
claims
{
  "id_token": {
    "openbanking_intent_id": {
      "value": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
      "essential": true
    },
    "acr": {
      "values": [
        "urn:openbanking:psd2:sca",
        "urn:openbanking:psd2:ca"
      ],
      "essential": true
    }
  }
}
state
MPcwI8rlmX
nonce
Uba4kkyQUw
2020-07-15 13:51:31 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken
Added response_type parameter to request
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
scope
openid accounts
claims
{
  "id_token": {
    "openbanking_intent_id": {
      "value": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
      "essential": true
    },
    "acr": {
      "values": [
        "urn:openbanking:psd2:sca",
        "urn:openbanking:psd2:ca"
      ],
      "essential": true
    }
  }
}
state
MPcwI8rlmX
nonce
Uba4kkyQUw
response_type
code id_token
2020-07-15 13:51:31 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "a7c8a199-a747-484f-aab3-fc383e7e0c10",
  "redirect_uri": "https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback",
  "scope": "openid accounts",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  },
  "state": "MPcwI8rlmX",
  "nonce": "Uba4kkyQUw",
  "response_type": "code id_token"
}
2020-07-15 13:51:31 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.594821391E9
2020-07-15 13:51:31 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://api.ob.business.hsbc.co.uk
2020-07-15 13:51:31 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
a7c8a199-a747-484f-aab3-fc383e7e0c10
2020-07-15 13:51:31 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/api.ob.business.hsbc.co.uk","scope":"openid accounts","claims":{"id_token":{"acr":{"values":["urn:openbanking:psd2:sca","urn:openbanking:psd2:ca"],"essential":true},"openbanking_intent_id":{"value":"2273b43d-47c3-4ef1-9164-3c0a2c4881cd","essential":true}}},"iss":"a7c8a199-a747-484f-aab3-fc383e7e0c10","response_type":"code id_token","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/0015800000jeox1AAA\/callback","state":"MPcwI8rlmX","exp":1594821391,"nonce":"Uba4kkyQUw","client_id":"a7c8a199-a747-484f-aab3-fc383e7e0c10"}
header
{"kid":"AJ5cA_0bYqlluK0ApjptWjUgkJs","alg":"PS256"}
request_object
eyJraWQiOiJBSjVjQV8wYllxbGx1SzBBcGpwdFdqVWdrSnMiLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvYXBpLm9iLmJ1c2luZXNzLmhzYmMuY28udWsiLCJzY29wZSI6Im9wZW5pZCBhY2NvdW50cyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsInVybjpvcGVuYmFua2luZzpwc2QyOmNhIl0sImVzc2VudGlhbCI6dHJ1ZX0sIm9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImVzc2VudGlhbCI6dHJ1ZX19fSwiaXNzIjoiYTdjOGExOTktYTc0Ny00ODRmLWFhYjMtZmMzODNlN2UwYzEwIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvMDAxNTgwMDAwMGplb3gxQUFBXC9jYWxsYmFjayIsInN0YXRlIjoiTVBjd0k4cmxtWCIsImV4cCI6MTU5NDgyMTM5MSwibm9uY2UiOiJVYmE0a2t5UVV3IiwiY2xpZW50X2lkIjoiYTdjOGExOTktYTc0Ny00ODRmLWFhYjMtZmMzODNlN2UwYzEwIn0.bUQO6wB1MgyiMzpx0pqTELJE6HBQlwKYVmuptzhP5B27YDShfNxeHMYYKlMBpdyH9kV4mqaJwlFeXvZCdBN717Mj2xMe8cvZZXDPiwa1MkTxKlOWErk3pEcCDoBU040HTD2PMJhbAKBzNFGKl30ktlGGB0n16LfC85v71Q_bnL9zvGeQu06aAHNhmutJoKm_ZlxWNB-awNB_IFOMLUR1a-BN51AssjlABKp-wHMv2JKMitFY9JgaJKOOptj2nx7i1AxUTxaeURvAe4Z69-npZ57rMvvi0NRLadQleBagAJu4z7rf0fgmSDTVKNoHzpVoH4r7CGon5H3KUX6-Y4adHg
key
{"p":"6ZbDeMrzFFFAWEuROs1w61RpP_8Zd8r9IuFBM2LVAjWud_07d6tRPDAqEQnE-YYZEXq8VN9g5RCEB2aCs6CQxVB1iqo4Nspa_DgEtKmDRswfZ4qjQATeF3JzIZFXHR6ZQAzhzh1R65RlFh_IBmE2gFXV8efdqknoI8uEpyzJbYE","kty":"RSA","q":"xTxmXD_hcc0HJaK2rQi02m4_L4abGe24v12AEWdYZIkkNQEYxA2h1uaeEhpGBE8jI7X6mONAhW9sUJ_Dxmdlt68QgaJjrudSDlk1aOo25j6SqzPBCWebzWMaOobxx1tSnNCndfsnXUA29BsUDhA6EVrzN58Y2FvDd0KiKpbHNIs","d":"GqMLJUTmTmGFHOKAgfBuhKb-oQItFUvm8a4W9qGu7wR3Qmkml_niCUK9yltMmj2b8auJAYIeuhZYD7cpHV6xXSLsW02yehV1YiOHOW3WQBKkJRduCx0emDuP7zBoszO7xSS893kYfnvSMAfshfMjdPksd1ueJ4QCNiAPGwNk8gEplKtV28yFW_w10MKTqahBhmKPlgryEXo-iXWYmk_3j6Q3xrX0tcdUEh4JoU1fZTWq-31JAOsigVgZC3_k7dwHQJKGB4ik-eSzN_9lksJWO5jQPhbgwmFAHtsSC88E8poFR85Ialbu8FbTvL7mBb5tmaCIh1b6PlyS45IRIfQ8AQ","e":"AQAB","kid":"AJ5cA_0bYqlluK0ApjptWjUgkJs","qi":"J-cinRm-Eh_IddQhVeEAInmjqpFLPpJlAdAkrLdzktGq6l-TPeQh5G53VY-dl-hnfDfHWPoh7LLphEBFBSrVC9TGsFtpvycKCBdDcTQgGZLXwVid_WO_DdMwvEhCuoEDtyC_2BWkliF1OHTZUIxw2gNYjkzDegZTVH-AQLXKdeI","dp":"075m00ilsPU2btORgsxYX_rUrb6BR6YqcUPf5sTgcnBXB032ajRSH01J1MgWVlrIvp-TuRwEqaCfDlZOhKY4laSp6FkFPCWS9K-TFHHVHohKr4FtGstOx9JnqzYk0bC7GuSSjFTnvbV3LOcCW0YkMZGdrvuQZJ06YbhLN3_R2AE","alg":"PS256","dq":"dBSvPb3PBnYfrbPNBZupLSFTiLoVELaLU_1IgXWsXUclixiBJenMBTmncIoMCT82NC9HNLIS6DWCrxTIWT3DbM7YzSLwviCgd5djSsMF2o6bLa2A__L9jGy2JBoFtEn4HhjjZhmRul0vuo0xSXGda1d265Z0PeoL6WXLIXup9C8","n":"s_ghKALWz1Q6pzU-FcWHJ4Wg_WHPbN2XbMLkyGIc8aCFnkF6YcSDaIgoCfO6DLn2DsQAxDnbX6wGfnLg-jBQ9yPTnXRhv9BFB7r-wipt8haz4Q7BrVGl_K3EiGbRwFrCsE9xLGR_uZhZ1Wgai_kR2AG6IPBqfoa_xBkNRubEtVIdMNNVfpgrjh28IqcIW3n-TvVyLWmenKNN6mkRsWJXAW4OFjue8s0eh0Qr_bIfXafkJTb-moTKyh2W7owph55egU_1-S0Qug9af_upTJKdT4AHvFzd4leLhv0t07G9kJdM65CpWc10hBvHLwALsrEopyFDEjFaWxvbPmvF8OOpCw"}
2020-07-15 13:51:31 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/authorize?request=eyJraWQiOiJBSjVjQV8wYllxbGx1SzBBcGpwdFdqVWdrSnMiLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvYXBpLm9iLmJ1c2luZXNzLmhzYmMuY28udWsiLCJzY29wZSI6Im9wZW5pZCBhY2NvdW50cyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsInVybjpvcGVuYmFua2luZzpwc2QyOmNhIl0sImVzc2VudGlhbCI6dHJ1ZX0sIm9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImVzc2VudGlhbCI6dHJ1ZX19fSwiaXNzIjoiYTdjOGExOTktYTc0Ny00ODRmLWFhYjMtZmMzODNlN2UwYzEwIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvMDAxNTgwMDAwMGplb3gxQUFBXC9jYWxsYmFjayIsInN0YXRlIjoiTVBjd0k4cmxtWCIsImV4cCI6MTU5NDgyMTM5MSwibm9uY2UiOiJVYmE0a2t5UVV3IiwiY2xpZW50X2lkIjoiYTdjOGExOTktYTc0Ny00ODRmLWFhYjMtZmMzODNlN2UwYzEwIn0.bUQO6wB1MgyiMzpx0pqTELJE6HBQlwKYVmuptzhP5B27YDShfNxeHMYYKlMBpdyH9kV4mqaJwlFeXvZCdBN717Mj2xMe8cvZZXDPiwa1MkTxKlOWErk3pEcCDoBU040HTD2PMJhbAKBzNFGKl30ktlGGB0n16LfC85v71Q_bnL9zvGeQu06aAHNhmutJoKm_ZlxWNB-awNB_IFOMLUR1a-BN51AssjlABKp-wHMv2JKMitFY9JgaJKOOptj2nx7i1AxUTxaeURvAe4Z69-npZ57rMvvi0NRLadQleBagAJu4z7rf0fgmSDTVKNoHzpVoH4r7CGon5H3KUX6-Y4adHg&client_id=a7c8a199-a747-484f-aab3-fc383e7e0c10&redirect_uri=https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback&scope=openid%20accounts&response_type=code%20id_token
2020-07-15 13:51:31 REDIRECT
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Redirecting to authorization endpoint
redirect_to
https://ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/authorize?request=eyJraWQiOiJBSjVjQV8wYllxbGx1SzBBcGpwdFdqVWdrSnMiLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvYXBpLm9iLmJ1c2luZXNzLmhzYmMuY28udWsiLCJzY29wZSI6Im9wZW5pZCBhY2NvdW50cyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsInVybjpvcGVuYmFua2luZzpwc2QyOmNhIl0sImVzc2VudGlhbCI6dHJ1ZX0sIm9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImVzc2VudGlhbCI6dHJ1ZX19fSwiaXNzIjoiYTdjOGExOTktYTc0Ny00ODRmLWFhYjMtZmMzODNlN2UwYzEwIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvMDAxNTgwMDAwMGplb3gxQUFBXC9jYWxsYmFjayIsInN0YXRlIjoiTVBjd0k4cmxtWCIsImV4cCI6MTU5NDgyMTM5MSwibm9uY2UiOiJVYmE0a2t5UVV3IiwiY2xpZW50X2lkIjoiYTdjOGExOTktYTc0Ny00ODRmLWFhYjMtZmMzODNlN2UwYzEwIn0.bUQO6wB1MgyiMzpx0pqTELJE6HBQlwKYVmuptzhP5B27YDShfNxeHMYYKlMBpdyH9kV4mqaJwlFeXvZCdBN717Mj2xMe8cvZZXDPiwa1MkTxKlOWErk3pEcCDoBU040HTD2PMJhbAKBzNFGKl30ktlGGB0n16LfC85v71Q_bnL9zvGeQu06aAHNhmutJoKm_ZlxWNB-awNB_IFOMLUR1a-BN51AssjlABKp-wHMv2JKMitFY9JgaJKOOptj2nx7i1AxUTxaeURvAe4Z69-npZ57rMvvi0NRLadQleBagAJu4z7rf0fgmSDTVKNoHzpVoH4r7CGon5H3KUX6-Y4adHg&client_id=a7c8a199-a747-484f-aab3-fc383e7e0c10&redirect_uri=https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback&scope=openid%20accounts&response_type=code%20id_token
2020-07-15 13:52:46 INCOMING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Incoming HTTP request to test instance PS1YjmPbLX
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36",
  "sec-fetch-user": "?1",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "referer": "https://ob.business.hsbc.co.uk/?redirectJwt\u003deyJqa3UiOiJodHRwczpcL1wvZDFvenQ5MWY4dzhkNTguY2xvdWRmcm9udC5uZXRcL2p3a3NcL3B1YmxpYy5qd2tzIiwia2lkIjoiZXh0ZXJuYWwiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGFuZGFyZCI6Ik9CSUUiLCJyZWRpcmVjdFVyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC8wMDE1ODAwMDAwamVveDFBQUFcL2NhbGxiYWNrIiwiY291bnRyeSI6IkdCIiwiMVNDQUNoZWNrRW5hYmxlZCI6ZmFsc2UsImlzcyI6IlBvc3RhbENvZGU9QjEgMUhRLDIuNS40Ljk3PVBTREdCLUZDQS03NjUxMTIsQ049SFNCQyxTVFJFRVQ9QmlybWluZ2hhbSxMPUJpcm1pbmdoYW0sT1U9MSBDZW50ZW5hcnkgU3F1YXJlLE89SFNCQyBVSyxDPVVLIiwiY29uc2VudFN1YlR5cGUiOiJBY2NvdW50QWNjZXNzIiwiY29uc2VudElkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwiY29uc2VudENyZWF0aW9uRGF0ZSI6MTU5NDgyMTA5MSwic2NvcGUiOiJvcGVuaWQgYWNjb3VudHMiLCJjb25zZW50U3RhdHVzIjoiQXdhaXRpbmdBdXRob3Jpc2F0aW9uIiwiY29uc2VudFR5cGUiOiJBSVNQIiwic3RhdGUiOiJNUGN3SThybG1YIiwiZXhwIjoxNTk0ODIzODA2LCJpYXQiOjE1OTQ4MjExMDYsImJyYW5kIjoiQlVTSU5FU1MiLCJqdGkiOiI4Nzg4NjI5MS01NGNjLTQxNTktODIxOC1iZTM5MTJmNjBhMzgiLCJ0cHBOYW1lIjoiaHR0cHM6XC9cL1RPRE8uY29tIiwiY2xpZW50SWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJvcmdOYW1lIjoib2Jmb3JnZXJvY2t0ZXN0IiwiY3VzdG9tZXJJcCI6IjE5My4xMDguNzMuNDciLCJwc3VBY2NlcHRMYW5ndWFnZSI6ImVuX0dCIiwibm9uY2UiOiJVYmE0a2t5UVV3IiwiYXVkIjoiaHR0cHM6XC9cLzE5My4xMDguNzMuNDc6NDQzIiwidHBwSWQiOiJQU0RHQi1GQ0EtNzY1MTEyIiwidHBwU29mdHdhcmVJZCI6IlRHeVF2aFNZTXZ2T040ZHI1bjl0dHkifQ.jzYLl5SXOjn9fTXa6c9GlLGHDRnpmVkcBUkvubW2nSFVc9VZy392OyAaA1A7G1FGWkIvNtq2Gun8-s3hj3nDHd3-0HoCsi2hfQarBe9FEGcIKH2oWVqxFIo-0t24YNUYaQoIBwdAf9_boPz9lQO9WijMdRDJ1WpkGNNoKanWBtMASvVzJY_U0xDpnWLxFIq4dIk-pmycvlb35n1D4VeJDmWi-jbq_4Odjiu5JN8e8B6Ye-rWUn_Wc7sdl46DumpEWX5BgjIAEi5oc-UNHIWe5hDWkGXonEq-VDRCJANqyznPnONR9smlestvBthDyXYI4fjKWzv5l_srRA7OvgRYFQ",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-GB,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "BCSI-CS-ee3a44956ba123fd\u003d1; __utmc\u003d201319536; __utmz\u003d201319536.1594384097.4.3.utmcsr\u003ddigital-confluence.systems.uk.hsbc|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/confluence/display/OPENB/FAPI%20Conformance%20Security%20Testing; __utma\u003d201319536.1120581637.1592897465.1594626041.1594810123.6; BCSI-CS-1b34038660903e3b\u003d1; JSESSIONID\u003d3C99A06F32F4FEF271661DA4F7C4AFA2",
  "cache-control": "max-stale\u003d0",
  "x-bluecoat-via": "5eda7329548b4332",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-07-15 13:52:46 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/pRrq4xt7HXulo0Z0VvzT",
  "fullUrl": "https://www.certification.openid.net/test/a/0015800000jeox1AAA/implicit/pRrq4xt7HXulo0Z0VvzT"
}
2020-07-15 13:52:46 OUTGOING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Response to HTTP request to test instance PS1YjmPbLX
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/0015800000jeox1AAA/implicit/pRrq4xt7HXulo0Z0VvzT, returnUrl=/log-detail.html?log=PS1YjmPbLX}]
outgoing_path
callback
2020-07-15 13:52:47 INCOMING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Incoming HTTP request to test instance PS1YjmPbLX
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "origin": "https://www.certification.openid.net",
  "x-requested-with": "XMLHttpRequest",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36",
  "content-type": "text/plain",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "referer": "https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-GB,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "BCSI-CS-ee3a44956ba123fd\u003d1; __utmc\u003d201319536; __utmz\u003d201319536.1594384097.4.3.utmcsr\u003ddigital-confluence.systems.uk.hsbc|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/confluence/display/OPENB/FAPI%20Conformance%20Security%20Testing; __utma\u003d201319536.1120581637.1592897465.1594626041.1594810123.6; BCSI-CS-1b34038660903e3b\u003d1; JSESSIONID\u003d3C99A06F32F4FEF271661DA4F7C4AFA2",
  "x-bluecoat-via": "5eda7329548b4332",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "967",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/pRrq4xt7HXulo0Z0VvzT
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#code=uXkjnoP2fmwvpHRiR_-SDeqocIU&state=MPcwI8rlmX&id_token=eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ
2020-07-15 13:52:47 OUTGOING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Response to HTTP request to test instance PS1YjmPbLX
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [/log-detail.html?log=PS1YjmPbLX]
outgoing_path
implicit/pRrq4xt7HXulo0Z0VvzT
2020-07-15 13:52:47
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "value": "uXkjnoP2fmwvpHRiR_-SDeqocIU",
    "name": "code"
  },
  {
    "value": "MPcwI8rlmX",
    "name": "state"
  },
  {
    "value": "eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ",
    "name": "id_token"
  }
]
2020-07-15 13:52:47 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
uXkjnoP2fmwvpHRiR_-SDeqocIU
state
MPcwI8rlmX
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ
2020-07-15 13:52:47 REDIRECT-IN
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36",
  "sec-fetch-user": "?1",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "referer": "https://ob.business.hsbc.co.uk/?redirectJwt\u003deyJqa3UiOiJodHRwczpcL1wvZDFvenQ5MWY4dzhkNTguY2xvdWRmcm9udC5uZXRcL2p3a3NcL3B1YmxpYy5qd2tzIiwia2lkIjoiZXh0ZXJuYWwiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGFuZGFyZCI6Ik9CSUUiLCJyZWRpcmVjdFVyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC8wMDE1ODAwMDAwamVveDFBQUFcL2NhbGxiYWNrIiwiY291bnRyeSI6IkdCIiwiMVNDQUNoZWNrRW5hYmxlZCI6ZmFsc2UsImlzcyI6IlBvc3RhbENvZGU9QjEgMUhRLDIuNS40Ljk3PVBTREdCLUZDQS03NjUxMTIsQ049SFNCQyxTVFJFRVQ9QmlybWluZ2hhbSxMPUJpcm1pbmdoYW0sT1U9MSBDZW50ZW5hcnkgU3F1YXJlLE89SFNCQyBVSyxDPVVLIiwiY29uc2VudFN1YlR5cGUiOiJBY2NvdW50QWNjZXNzIiwiY29uc2VudElkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwiY29uc2VudENyZWF0aW9uRGF0ZSI6MTU5NDgyMTA5MSwic2NvcGUiOiJvcGVuaWQgYWNjb3VudHMiLCJjb25zZW50U3RhdHVzIjoiQXdhaXRpbmdBdXRob3Jpc2F0aW9uIiwiY29uc2VudFR5cGUiOiJBSVNQIiwic3RhdGUiOiJNUGN3SThybG1YIiwiZXhwIjoxNTk0ODIzODA2LCJpYXQiOjE1OTQ4MjExMDYsImJyYW5kIjoiQlVTSU5FU1MiLCJqdGkiOiI4Nzg4NjI5MS01NGNjLTQxNTktODIxOC1iZTM5MTJmNjBhMzgiLCJ0cHBOYW1lIjoiaHR0cHM6XC9cL1RPRE8uY29tIiwiY2xpZW50SWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJvcmdOYW1lIjoib2Jmb3JnZXJvY2t0ZXN0IiwiY3VzdG9tZXJJcCI6IjE5My4xMDguNzMuNDciLCJwc3VBY2NlcHRMYW5ndWFnZSI6ImVuX0dCIiwibm9uY2UiOiJVYmE0a2t5UVV3IiwiYXVkIjoiaHR0cHM6XC9cLzE5My4xMDguNzMuNDc6NDQzIiwidHBwSWQiOiJQU0RHQi1GQ0EtNzY1MTEyIiwidHBwU29mdHdhcmVJZCI6IlRHeVF2aFNZTXZ2T040ZHI1bjl0dHkifQ.jzYLl5SXOjn9fTXa6c9GlLGHDRnpmVkcBUkvubW2nSFVc9VZy392OyAaA1A7G1FGWkIvNtq2Gun8-s3hj3nDHd3-0HoCsi2hfQarBe9FEGcIKH2oWVqxFIo-0t24YNUYaQoIBwdAf9_boPz9lQO9WijMdRDJ1WpkGNNoKanWBtMASvVzJY_U0xDpnWLxFIq4dIk-pmycvlb35n1D4VeJDmWi-jbq_4Odjiu5JN8e8B6Ye-rWUn_Wc7sdl46DumpEWX5BgjIAEi5oc-UNHIWe5hDWkGXonEq-VDRCJANqyznPnONR9smlestvBthDyXYI4fjKWzv5l_srRA7OvgRYFQ",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-GB,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "BCSI-CS-ee3a44956ba123fd\u003d1; __utmc\u003d201319536; __utmz\u003d201319536.1594384097.4.3.utmcsr\u003ddigital-confluence.systems.uk.hsbc|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/confluence/display/OPENB/FAPI%20Conformance%20Security%20Testing; __utma\u003d201319536.1120581637.1592897465.1594626041.1594810123.6; BCSI-CS-1b34038660903e3b\u003d1; JSESSIONID\u003d3C99A06F32F4FEF271661DA4F7C4AFA2",
  "cache-control": "max-stale\u003d0",
  "x-bluecoat-via": "5eda7329548b4332",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "uXkjnoP2fmwvpHRiR_-SDeqocIU",
  "state": "MPcwI8rlmX",
  "id_token": "eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ"
}
post_body
Verify authorization endpoint response
2020-07-15 13:52:47 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2020-07-15 13:52:47 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2020-07-15 13:52:47 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2020-07-15 13:52:47 SUCCESS
RejectStateInUrlQueryForHybridFlow
state is correctly not present in URL query returned from authorization endpoint (as in the hybrid flow it must be returned in the URL fragment/hash only)
2020-07-15 13:52:47 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2020-07-15 13:52:47 SUCCESS
ValidateSuccessfulHybridResponseFromAuthorizationEndpoint
authorization endpoint response does not include unexpected parameters
code
uXkjnoP2fmwvpHRiR_-SDeqocIU
state
MPcwI8rlmX
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ
2020-07-15 13:52:47 SUCCESS
CheckMatchingStateParameter
State parameter correctly returned
state
MPcwI8rlmX
2020-07-15 13:52:47 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
uXkjnoP2fmwvpHRiR_-SDeqocIU
2020-07-15 13:52:47 SUCCESS
EnsureMinimumAuthorizationCodeLength
Authorization code is of sufficient length
actual
216
required
128
2020-07-15 13:52:47 SUCCESS
EnsureMinimumAuthorizationCodeEntropy
Calculated shannon entropy seems sufficient
actual
124.38196255841372
expected
96.0
2020-07-15 13:52:47 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ
header
{
  "kid": "external",
  "typ": "JWT",
  "alg": "PS256"
}
claims
{
  "acr": "urn:openbanking:psd2:sca",
  "aud": "a7c8a199-a747-484f-aab3-fc383e7e0c10",
  "sub": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
  "c_hash": "m4aCDFHlu61NAfnpAk5igw",
  "openbanking_intent_id": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
  "s_hash": "NS9oQ4JCZSun-dSBgg5K8A",
  "auth_time": 1594821153,
  "iss": "https://api.ob.business.hsbc.co.uk",
  "exp": 1594821463,
  "iat": 1594821163,
  "nonce": "Uba4kkyQUw"
}
2020-07-15 13:52:47 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-07-15 13:52:47 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
Uba4kkyQUw
2020-07-15 13:52:47 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:openbanking:psd2:sca
requested
[
  "urn:openbanking:psd2:sca",
  "urn:openbanking:psd2:ca"
]
2020-07-15 13:52:47 SUCCESS
OBValidateIdTokenIntentId
openbanking_intent_id passed all validation checks
2020-07-15 13:52:47 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ
2020-07-15 13:52:47 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJhdWQiOiJhN2M4YTE5OS1hNzQ3LTQ4NGYtYWFiMy1mYzM4M2U3ZTBjMTAiLCJzdWIiOiIyMjczYjQzZC00N2MzLTRlZjEtOTE2NC0zYzBhMmM0ODgxY2QiLCJjX2hhc2giOiJtNGFDREZIbHU2MU5BZm5wQWs1aWd3Iiwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjoiMjI3M2I0M2QtNDdjMy00ZWYxLTkxNjQtM2MwYTJjNDg4MWNkIiwic19oYXNoIjoiTlM5b1E0SkNaU3VuLWRTQmdnNUs4QSIsImF1dGhfdGltZSI6MTU5NDgyMTE1MywiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDYzLCJpYXQiOjE1OTQ4MjExNjMsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.YHo3QYUKpHTH_zljZZvN5uVsCF7Yqe29yFhAlSkI1KG7qr4c9xQadLCOIkvdInCFuoxaOWPqjQOeyUB2X29CzeC6GSshmu9KJnl30T9XJI9d3CbcZEzIo_WtaZH1NMVoMMYqEMc83VHuVkNK__kt0Qmxj_7FjfqKHh_iWWdNQigD1hy2vsem-EWa5_GAf1tRsGv20rs-EaqagqO-Phud9WQGXu6KQXzx9jNEyo3fJwup33SBAvzkcBQFPxuIiaYwUIrSThnV_QhEmPXxTPnB2EA6oT6C5ZALBhDJKuhSkVxs00MAIpdjL5rT6fTU1L8-lEPHtow5c3bSLhlZzkOGiQ
2020-07-15 13:52:47 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
2273b43d-47c3-4ef1-9164-3c0a2c4881cd
2020-07-15 13:52:47 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
PS256
2020-07-15 13:52:47 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2020-07-15 13:52:47 SUCCESS
ExtractSHash
Extracted s_hash from ID Token
s_hash
NS9oQ4JCZSun-dSBgg5K8A
alg
PS256
2020-07-15 13:52:47 SUCCESS
ValidateSHash
State hash validated successfully
s_hash
NS9oQ4JCZSun-dSBgg5K8A
2020-07-15 13:52:47 SUCCESS
ExtractCHash
Extracted c_hash from ID Token
c_hash
m4aCDFHlu61NAfnpAk5igw
alg
PS256
2020-07-15 13:52:47 SUCCESS
ValidateCHash
State hash validated successfully
c_hash
m4aCDFHlu61NAfnpAk5igw
2020-07-15 13:52:47 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
uXkjnoP2fmwvpHRiR_-SDeqocIU
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
2020-07-15 13:52:47 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
authorization_code
code
uXkjnoP2fmwvpHRiR_-SDeqocIU
redirect_uri
https://www.certification.openid.net/test/a/0015800000jeox1AAA/callback
client_id
a7c8a199-a747-484f-aab3-fc383e7e0c10
2020-07-15 13:52:47
CallTokenEndpoint
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "208"
}
request_body
grant_type=authorization_code&code=uXkjnoP2fmwvpHRiR_-SDeqocIU&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2F0015800000jeox1AAA%2Fcallback&client_id=a7c8a199-a747-484f-aab3-fc383e7e0c10
request_mutual_tls
{
  "cert": "MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A\u003d\u003d",
  "key": "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ\u003d\u003d"
}
2020-07-15 13:52:48 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:52:48 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "1034",
  "connection": "keep-alive",
  "x-amzn-requestid": "2f32aa03-4747-4c80-bd43-de35bebe02e8",
  "x-amz-apigw-id": "Pt6HgGC4DoEF85Q\u003d",
  "x-amzn-trace-id": "Root\u003d1-5f0f0a2f-8d1fe94d65812c810ddb9039;Sampled\u003d1",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"access_token":"L0Y09EaCCsHkanGrSBboMbO7Tjo","token_type":"Bearer","expires_in":299,"refresh_token":"jzT5aaoyVf1mGTfjX7Rg3uZTXI4","scope":"openid accounts","id_token":"eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhdF9oYXNoIjoibUdsekRfU0hsWUNna21VUFhSY1QwQSIsImFjciI6InVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsImF1ZCI6ImE3YzhhMTk5LWE3NDctNDg0Zi1hYWIzLWZjMzgzZTdlMGMxMCIsInN1YiI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImF1dGhfdGltZSI6MTU5NDgyMTE2NCwiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDY4LCJpYXQiOjE1OTQ4MjExNjgsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.VtIaw7qWlnL0iayi2euufbAjS3Vpw66YWeJEcDrON577l2tOfGhUERNTSC-x60mbwYzKKkQohwpgSBWbAbqAmW1errU7nvEwWKeK3Toeumg0dcWomjJ-s1QEAySm6MrQuY9JsiXBF2Mq-F4yuISQmfMtEkMKajqyKqDPxOuGOPykuLdlg2Og-0uXDyYY34DRUQWImJK_OquePRlz7sLERa6Shw0a9-zkbTCZqVDS9Wy8ZB8JjVEzb2fxykwk__bWMe5UwhulLOBGyaaJbEZALE27jRmREMwghcVp0qf6JI_Lkip0SyuLA7T4vYixp6q0wsoDmmcELCqsXF7O6YIVPA"}
2020-07-15 13:52:48
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"L0Y09EaCCsHkanGrSBboMbO7Tjo","token_type":"Bearer","expires_in":299,"refresh_token":"jzT5aaoyVf1mGTfjX7Rg3uZTXI4","scope":"openid accounts","id_token":"eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhdF9oYXNoIjoibUdsekRfU0hsWUNna21VUFhSY1QwQSIsImFjciI6InVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsImF1ZCI6ImE3YzhhMTk5LWE3NDctNDg0Zi1hYWIzLWZjMzgzZTdlMGMxMCIsInN1YiI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImF1dGhfdGltZSI6MTU5NDgyMTE2NCwiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDY4LCJpYXQiOjE1OTQ4MjExNjgsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.VtIaw7qWlnL0iayi2euufbAjS3Vpw66YWeJEcDrON577l2tOfGhUERNTSC-x60mbwYzKKkQohwpgSBWbAbqAmW1errU7nvEwWKeK3Toeumg0dcWomjJ-s1QEAySm6MrQuY9JsiXBF2Mq-F4yuISQmfMtEkMKajqyKqDPxOuGOPykuLdlg2Og-0uXDyYY34DRUQWImJK_OquePRlz7sLERa6Shw0a9-zkbTCZqVDS9Wy8ZB8JjVEzb2fxykwk__bWMe5UwhulLOBGyaaJbEZALE27jRmREMwghcVp0qf6JI_Lkip0SyuLA7T4vYixp6q0wsoDmmcELCqsXF7O6YIVPA"}
2020-07-15 13:52:48 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
L0Y09EaCCsHkanGrSBboMbO7Tjo
token_type
Bearer
expires_in
299
refresh_token
jzT5aaoyVf1mGTfjX7Rg3uZTXI4
scope
openid accounts
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhdF9oYXNoIjoibUdsekRfU0hsWUNna21VUFhSY1QwQSIsImFjciI6InVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsImF1ZCI6ImE3YzhhMTk5LWE3NDctNDg0Zi1hYWIzLWZjMzgzZTdlMGMxMCIsInN1YiI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImF1dGhfdGltZSI6MTU5NDgyMTE2NCwiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDY4LCJpYXQiOjE1OTQ4MjExNjgsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.VtIaw7qWlnL0iayi2euufbAjS3Vpw66YWeJEcDrON577l2tOfGhUERNTSC-x60mbwYzKKkQohwpgSBWbAbqAmW1errU7nvEwWKeK3Toeumg0dcWomjJ-s1QEAySm6MrQuY9JsiXBF2Mq-F4yuISQmfMtEkMKajqyKqDPxOuGOPykuLdlg2Og-0uXDyYY34DRUQWImJK_OquePRlz7sLERa6Shw0a9-zkbTCZqVDS9Wy8ZB8JjVEzb2fxykwk__bWMe5UwhulLOBGyaaJbEZALE27jRmREMwghcVp0qf6JI_Lkip0SyuLA7T4vYixp6q0wsoDmmcELCqsXF7O6YIVPA
2020-07-15 13:52:48 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-07-15 13:52:48 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
L0Y09EaCCsHkanGrSBboMbO7Tjo
2020-07-15 13:52:48 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
L0Y09EaCCsHkanGrSBboMbO7Tjo
type
Bearer
2020-07-15 13:52:48 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
299
2020-07-15 13:52:48 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
299
2020-07-15 13:52:48 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
jzT5aaoyVf1mGTfjX7Rg3uZTXI4
2020-07-15 13:52:48 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
216
required
128
2020-07-15 13:52:48 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
115.62707505625023
expected
96.0
2020-07-15 13:52:48 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
216
required
128
2020-07-15 13:52:48 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
118.38196255841369
expected
96.0
2020-07-15 13:52:48 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhdF9oYXNoIjoibUdsekRfU0hsWUNna21VUFhSY1QwQSIsImFjciI6InVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsImF1ZCI6ImE3YzhhMTk5LWE3NDctNDg0Zi1hYWIzLWZjMzgzZTdlMGMxMCIsInN1YiI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImF1dGhfdGltZSI6MTU5NDgyMTE2NCwiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDY4LCJpYXQiOjE1OTQ4MjExNjgsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.VtIaw7qWlnL0iayi2euufbAjS3Vpw66YWeJEcDrON577l2tOfGhUERNTSC-x60mbwYzKKkQohwpgSBWbAbqAmW1errU7nvEwWKeK3Toeumg0dcWomjJ-s1QEAySm6MrQuY9JsiXBF2Mq-F4yuISQmfMtEkMKajqyKqDPxOuGOPykuLdlg2Og-0uXDyYY34DRUQWImJK_OquePRlz7sLERa6Shw0a9-zkbTCZqVDS9Wy8ZB8JjVEzb2fxykwk__bWMe5UwhulLOBGyaaJbEZALE27jRmREMwghcVp0qf6JI_Lkip0SyuLA7T4vYixp6q0wsoDmmcELCqsXF7O6YIVPA
header
{
  "kid": "external",
  "typ": "JWT",
  "alg": "PS256"
}
claims
{
  "at_hash": "mGlzD_SHlYCgkmUPXRcT0A",
  "acr": "urn:openbanking:psd2:sca",
  "aud": "a7c8a199-a747-484f-aab3-fc383e7e0c10",
  "sub": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
  "openbanking_intent_id": "2273b43d-47c3-4ef1-9164-3c0a2c4881cd",
  "auth_time": 1594821164,
  "iss": "https://api.ob.business.hsbc.co.uk",
  "exp": 1594821468,
  "iat": 1594821168,
  "nonce": "Uba4kkyQUw"
}
2020-07-15 13:52:48 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-07-15 13:52:48 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
Uba4kkyQUw
2020-07-15 13:52:48 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:openbanking:psd2:sca
requested
[
  "urn:openbanking:psd2:sca",
  "urn:openbanking:psd2:ca"
]
2020-07-15 13:52:48 SUCCESS
OBValidateIdTokenIntentId
openbanking_intent_id passed all validation checks
2020-07-15 13:52:48 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhdF9oYXNoIjoibUdsekRfU0hsWUNna21VUFhSY1QwQSIsImFjciI6InVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsImF1ZCI6ImE3YzhhMTk5LWE3NDctNDg0Zi1hYWIzLWZjMzgzZTdlMGMxMCIsInN1YiI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImF1dGhfdGltZSI6MTU5NDgyMTE2NCwiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDY4LCJpYXQiOjE1OTQ4MjExNjgsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.VtIaw7qWlnL0iayi2euufbAjS3Vpw66YWeJEcDrON577l2tOfGhUERNTSC-x60mbwYzKKkQohwpgSBWbAbqAmW1errU7nvEwWKeK3Toeumg0dcWomjJ-s1QEAySm6MrQuY9JsiXBF2Mq-F4yuISQmfMtEkMKajqyKqDPxOuGOPykuLdlg2Og-0uXDyYY34DRUQWImJK_OquePRlz7sLERa6Shw0a9-zkbTCZqVDS9Wy8ZB8JjVEzb2fxykwk__bWMe5UwhulLOBGyaaJbEZALE27jRmREMwghcVp0qf6JI_Lkip0SyuLA7T4vYixp6q0wsoDmmcELCqsXF7O6YIVPA
2020-07-15 13:52:48 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJraWQiOiJleHRlcm5hbCIsInR5cCI6IkpXVCIsImFsZyI6IlBTMjU2In0.eyJhdF9oYXNoIjoibUdsekRfU0hsWUNna21VUFhSY1QwQSIsImFjciI6InVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsImF1ZCI6ImE3YzhhMTk5LWE3NDctNDg0Zi1hYWIzLWZjMzgzZTdlMGMxMCIsInN1YiI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6IjIyNzNiNDNkLTQ3YzMtNGVmMS05MTY0LTNjMGEyYzQ4ODFjZCIsImF1dGhfdGltZSI6MTU5NDgyMTE2NCwiaXNzIjoiaHR0cHM6XC9cL2FwaS5vYi5idXNpbmVzcy5oc2JjLmNvLnVrIiwiZXhwIjoxNTk0ODIxNDY4LCJpYXQiOjE1OTQ4MjExNjgsIm5vbmNlIjoiVWJhNGtreVFVdyJ9.VtIaw7qWlnL0iayi2euufbAjS3Vpw66YWeJEcDrON577l2tOfGhUERNTSC-x60mbwYzKKkQohwpgSBWbAbqAmW1errU7nvEwWKeK3Toeumg0dcWomjJ-s1QEAySm6MrQuY9JsiXBF2Mq-F4yuISQmfMtEkMKajqyKqDPxOuGOPykuLdlg2Og-0uXDyYY34DRUQWImJK_OquePRlz7sLERa6Shw0a9-zkbTCZqVDS9Wy8ZB8JjVEzb2fxykwk__bWMe5UwhulLOBGyaaJbEZALE27jRmREMwghcVp0qf6JI_Lkip0SyuLA7T4vYixp6q0wsoDmmcELCqsXF7O6YIVPA
2020-07-15 13:52:48 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
2273b43d-47c3-4ef1-9164-3c0a2c4881cd
2020-07-15 13:52:48 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
PS256
2020-07-15 13:52:48 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2020-07-15 13:52:48 INFO
ExtractCHash
Couldn't find c_hash in ID token
2020-07-15 13:52:48 INFO
ExtractSHash
Couldn't find s_hash in ID token
2020-07-15 13:52:48 SUCCESS
ExtractAtHash
Extracted at_hash from ID Token
at_hash
mGlzD_SHlYCgkmUPXRcT0A
alg
PS256
2020-07-15 13:52:48 INFO
ValidateCHash
Skipped evaluation due to missing required object: c_hash
expected
c_hash
mapped
2020-07-15 13:52:48 INFO
ValidateSHash
Skipped evaluation due to missing required object: s_hash
expected
s_hash
mapped
2020-07-15 13:52:48 SUCCESS
ValidateAtHash
State hash validated successfully
at_hash
mGlzD_SHlYCgkmUPXRcT0A
Verify at_hash in the authorization endpoint id_token
2020-07-15 13:52:48 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2020-07-15 13:52:48 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Resource server endpoint tests
2020-07-15 13:52:48
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2020-07-15 13:52:48 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Wed, 15 Jul 2020 13:52:48 GMT"
}
2020-07-15 13:52:48
CreateRandomFAPIInteractionId
Created interaction ID
fapi_interaction_id
9ff4ed4e-cd25-4f71-ace9-3e58961227c9
2020-07-15 13:52:48
AddFAPIInteractionIdToResourceEndpointRequest
Condition ran but did not log anything
2020-07-15 13:52:48
AddFAPIFinancialIdToResourceEndpointRequest
Added x-fapi-financial-id to resource_endpoint_request_headers
2020-07-15 13:52:48
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/accounts
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Wed, 15 Jul 2020 13:52:48 GMT",
  "x-fapi-interaction-id": "9ff4ed4e-cd25-4f71-ace9-3e58961227c9",
  "x-fapi-financial-id": "00158000016i44JAAQ",
  "authorization": "Bearer L0Y09EaCCsHkanGrSBboMbO7Tjo",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A\u003d\u003d",
  "key": "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ\u003d\u003d"
}
2020-07-15 13:52:49 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:52:49 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "401",
  "connection": "keep-alive",
  "x-amzn-requestid": "aeb832c0-75ae-435a-8bb8-79433fbe14d2",
  "x-amz-apigw-id": "Pt6HqFNujoEFbZA\u003d",
  "x-fapi-interaction-id": "9ff4ed4e-cd25-4f71-ace9-3e58961227c9",
  "x-amzn-trace-id": "Root\u003d1-5f0f0a30-e3b5bd2be1dde4ef8a75788e;Sampled\u003d1",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{
  "Data" : {
    "Account" : [ {
      "AccountId" : "buf8zdfqy252c7fvj8oe35g15923mcv916er",
      "Currency" : "GBP",
      "AccountType" : "Business",
      "AccountSubType" : "CurrentAccount",
      "Description" : "BUSINESS A/C",
      "Nickname" : "NRFB BIB"
    } ]
  },
  "Links" : {
    "Self" : "https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/accounts"
  },
  "Meta" : { }
}
2020-07-15 13:52:49 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:52:49 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "401",
  "connection": "keep-alive",
  "x-amzn-requestid": "aeb832c0-75ae-435a-8bb8-79433fbe14d2",
  "x-amz-apigw-id": "Pt6HqFNujoEFbZA\u003d",
  "x-fapi-interaction-id": "9ff4ed4e-cd25-4f71-ace9-3e58961227c9",
  "x-amzn-trace-id": "Root\u003d1-5f0f0a30-e3b5bd2be1dde4ef8a75788e;Sampled\u003d1",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
status_code
{
  "code": 200
}
body
{
  "Data" : {
    "Account" : [ {
      "AccountId" : "buf8zdfqy252c7fvj8oe35g15923mcv916er",
      "Currency" : "GBP",
      "AccountType" : "Business",
      "AccountSubType" : "CurrentAccount",
      "Description" : "BUSINESS A/C",
      "Nickname" : "NRFB BIB"
    } ]
  },
  "Links" : {
    "Self" : "https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/accounts"
  },
  "Meta" : { }
}
2020-07-15 13:52:49 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Wed, 15 Jul 2020 13:52:49 GMT
skew
516
2020-07-15 13:52:49 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
9ff4ed4e-cd25-4f71-ace9-3e58961227c9
2020-07-15 13:52:49 SUCCESS
EnsureMatchingFAPIInteractionId
Interaction ID matched
fapi_interaction_id
9ff4ed4e-cd25-4f71-ace9-3e58961227c9
2020-07-15 13:52:49 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is JSON
content_type
application/json;charset=UTF-8
Attempting reuse of authorisation code & testing if access token is revoked
2020-07-15 13:52:49 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2020-07-15 13:52:50 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2020-07-15 13:52:50
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/obie/open-banking/v1.1/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "208"
}
request_body
grant_type=authorization_code&code=uXkjnoP2fmwvpHRiR_-SDeqocIU&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2F0015800000jeox1AAA%2Fcallback&client_id=a7c8a199-a747-484f-aab3-fc383e7e0c10
request_mutual_tls
{
  "cert": "MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A\u003d\u003d",
  "key": "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ\u003d\u003d"
}
2020-07-15 13:52:51 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:52:51 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "96",
  "connection": "keep-alive",
  "x-amzn-requestid": "0bd8de1f-8840-4331-97c0-e20e295d38a5",
  "x-amz-apigw-id": "Pt6H-Gj3DoEFarg\u003d",
  "x-amzn-trace-id": "Root\u003d1-5f0f0a32-5ee6b9cbf553802accaf8a1d;Sampled\u003d1",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"Authorization Code Response Error: invalid_grant"}
2020-07-15 13:52:51 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
Authorization Code Response Error: invalid_grant
2020-07-15 13:52:51 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2020-07-15 13:52:51 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2020-07-15 13:52:51 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
error
invalid_grant
2020-07-15 13:52:51 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2020-07-15 13:52:51 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
Authorization Code Response Error: invalid_grant
2020-07-15 13:52:51 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
Authorization Code Response Error: invalid_grant
2020-07-15 13:52:51 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2020-07-15 13:52:51
CallProtectedResourceWithBearerTokenExpectingError
HTTP request
request_uri
https://api.ob.business.hsbc.co.uk/obie/open-banking/v3.1/aisp/accounts
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Wed, 15 Jul 2020 13:52:48 GMT",
  "x-fapi-interaction-id": "9ff4ed4e-cd25-4f71-ace9-3e58961227c9",
  "x-fapi-financial-id": "00158000016i44JAAQ",
  "authorization": "Bearer L0Y09EaCCsHkanGrSBboMbO7Tjo",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIGMzCCBRugAwIBAgIEWf+FWzANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJHQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElzc3VpbmcgQ0EwHhcNMTkxMTA2MDgzMTEwWhcNMjExMTA2MDkwMTEwWjBgMQswCQYDVQQGEwJHQjEZMBcGA1UEChMQSFNCQyBVSyBCYW5rIFBsYzEZMBcGA1UEYRMQUFNER0ItRkNBLTc2NTExMjEbMBkGA1UEAxMSMDAxNTgwMDAwMTZpNDRKQUFRMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+YPyQLOEqt6LGPPDOLN7HuZg0HpDgxbtBkh3Wz7piWw7tBkcF7tXd+UwNMpkeWi9cK+IcRKswQojH7CI58byl3er2F0XzRhvYFQXgX157M+uEnvTNpFXMz7uofuXVnZn4QAtr4R4VZEFSWcdLypwspzhND+cQbIbVEXYy1wtCi8rJB1QUFq/H3LGzlyh4ftMhqWg7gK1SMNmRir2g96dpJ4qXeBh6UBfOHLLcnikKhzug0doBUkWyUH+uoWxgIbYy+yIk+1kR5W3US+FN/Vi10echoW9gRPKi4EgNkinmB6Xsxtm6lH8e1u1vQdFUUEjGPlsa59zal/kaWZDRobsQIDAQABo4IDDzCCAwswDgYDVR0PAQH/BAQDAgeAMIGLBggrBgEFBQcBAwR/MH0wEwYGBACORgEGMAkGBwQAjkYBBgMwZgYGBACBmCcCMFwwNTAzBgcEAIGYJwECDAZQU1BfUEkGBwQAgZgnAQMMBlBTUF9BSQYHBACBmCcBBAwGUFNQX0lDDBtGaW5hbmNpYWwgQ29uZHVjdCBBdXRob3JpdHkMBkdCLUZDQTAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwggFSBgNVHSAEggFJMIIBRTCCAUEGCysGAQQBqHWBBgEBMIIBMDA1BggrBgEFBQcCARYpaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vcG9saWNpZXMwgfYGCCsGAQUFBwICMIHpDIHmVGhpcyBDZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIE9wZW4gQmFua2luZyBMaW1pdGVkIGFuZCBhc3NvY2lhdGVkIE9wZW4gQmFua2luZyBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIE9wZW4gQmFua2luZyBMaW1pdGVkIENlcnRpZmljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wcgYIKwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2IudHJ1c3Rpcy5jb20vb2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL29iLnRydXN0aXMuY29tL3Byb2R1Y3Rpb24vaXNzdWluZ2NhLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3JsMB8GA1UdIwQYMBaAFJ9Jv042p6zDDyvIR/QfKRvAeQsFMB0GA1UdDgQWBBSVMH4pucCvv1fh9uCqjd8NifLutjANBgkqhkiG9w0BAQsFAAOCAQEAWsgAUN4+7KbGzA4qGWdcJmuzEKKivazwUETyW85+WxJUFw0AMbBTqvwH9MPjU9hbkM7JnMDhwz4bcGpIJJyKRo8oJx9sAa6jaEMFPfHiyhiZNhBRAekblmHcyQ1FxGj3x1kYl8aU7a8W5U7s78ie3dgm6CMtzNkzO2PKO0akngRu/2Qgtc6gyxuBLvJhUblbXYHfw5zcEMTvqtLyv62vJN24FaR33nOmagtkUinK6K6fsHuep0se/5OYVImbmbX8/29K2XOP69JQgsCxED30orTNDiRdS8nJYpNG7pyBKFnn4mG46UNH2AB7nBlWdqhnTtvuWWUpUtnE2KYV75CW3A\u003d\u003d",
  "key": "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD5g/JAs4Sq3osY88M4s3se5mDQekODFu0GSHdbPumJbDu0GRwXu1d35TA0ymR5aL1wr4hxEqzBCiMfsIjnxvKXd6vYXRfNGG9gVBeBfXnsz64Se9M2kVczPu6h+5dWdmfhAC2vhHhVkQVJZx0vKnCynOE0P5xBshtURdjLXC0KLyskHVBQWr8fcsbOXKHh+0yGpaDuArVIw2ZGKvaD3p2knipd4GHpQF84cstyeKQqHO6DR2gFSRbJQf66hbGAhtjL7IiT7WRHlbdRL4U39WLXR5yGhb2BE8qLgSA2SKeYHpezG2bqUfx7W7W9B0VRQSMY+Wxrn3NqX+RpZkNGhuxAgMBAAECggEAcy+oYnJCx1mKqeU6DoKhwIZgmnw70+XSWhBZCECXq3cIFTP1itlWStc3OTYwgDf9XPJYJ7Sqk55DVXEHKDja91/Am3D7IyvCuNH7dn2cvNN5cpUOnyrMlCd3cJOSxdMaEiBk5w7VpqC5wZFu8HkqfH3b9OGKat0pJpYC4W8LkPJHMW1C6AYEDRJa4bQj6NuHn4TsTKazZWsA+VkaAPIu6fJd8z9GVGwmmLQGt+K+hI8V6gsAu6LG2/C7zGcj6SCLcx9DsRXWSO8K9znd4POla+dTIKVEtjTI3Jg5NvqMZc98DYutBoYGVWM6OEAd2jXPn65UTjVO4zFPKxl1QOeSAQKBgQDuvbPrtZUAlQts7lUdVGc/mv54pNuA3hwwPiM8k/Ts8qMRAlSb93vVz58xXu/ALUpWDNwSkKd5WYdsxH3qxpkrLG4bwYVV9KV08GVQmQ6H8PAC6w9gbg9UgxT8xsnVZJIaKA0ndrBZTmYBLXsBDu1GeiyD4gO1GnlV2at47IHDUQKBgQDSD32K2IYaaVFFbbsB4Rs9nDweZD0+y4su/Gkec3TUZg076nb74vyHBfbTDCB9r2cpNV3hYe2kNksNNf27O3t7jYvbiFrFIRINJspO0cCBoUbyuXf1u34R7amXA9k+Fwd521msjm9Dh+pqk4qRQdKSXkGIfCgYm+ieZikXY5L6YQKBgGAo/rg5CkwSvGhi0tuebHvdFRRI6rTMQbRYwt6ahbOOw4mNU8ECfNmQ6AD9yTmxxFhGk7nSk/I30mlH96PB3F3cZnk9iFQn1yDz1wsQqx6sODAkt6vSiNA0gBaUhyUxffuVGD9F+h/uiP1+cSXq+j1B5n40YePnRuoCY6OwN1ARAoGADLIk+1RU3pnI8LJOIDHzzIh51bhnPzlcIy3cSJvfzsqQODPWlyjD7IE+xsiv2gjU6lewYePiUg95/8VonX1d3DzU3CLkoY97INJcXeEtimgt+pOdHXwEhZ7gpiD0a11G9WV9iQFe1i0LzP8328mnqXMK8O3YGoypxZEVILXC92ECgYBi9WbaNoElxoXdrie8wPPFZRp6xs2gZGj4Px/HjuT9hY2nKl9NIcqogAyVuVmAp82N4YBwzW0bZ+KSn1aVnPLgfXEy3f3OglfiI4I7/cBA9xwC6fLO1uQ1aD3bQTSiukqGAQhS3mTGInr5WpPeGsWNHozKBohROHw/n1Ugz8ejLQ\u003d\u003d"
}
2020-07-15 13:52:52 RESPONSE
CallProtectedResourceWithBearerTokenExpectingError
HTTP response
response_status_code
401 UNAUTHORIZED
response_status_text
Unauthorized
response_headers
{
  "server": "nginx",
  "date": "Wed, 15 Jul 2020 13:52:52 GMT",
  "content-type": "application/json",
  "content-length": "0",
  "connection": "keep-alive",
  "x-amzn-requestid": "07fc71ba-09f1-4ee5-ba09-6a14315abde2",
  "x-amzn-errortype": "UnauthorizedException",
  "x-amz-apigw-id": "Pt6IGFoTjoEFVkw\u003d",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body

                                
2020-07-15 13:52:52 SUCCESS
CallProtectedResourceWithBearerTokenExpectingError
Resource endpoint returned error
code
401
body

                                
status
Unauthorized
2020-07-15 13:52:52 FINISHED
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Test has run to completion
testmodule_result
PASSED
Test Results