Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-10-17 09:24:42 INFO
TEST-RUNNER
Test instance KmhvT1rgPIoE7a6 created
baseUrl
https://www.certification.openid.net/test/a/ISVAOP
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "openbanking_uk",
  "fapi_response_mode": "plain_response"
}
alias
ISVAOP
description
planId
Efsx4j3w9wbcb
config
{
  "alias": "ISVAOP",
  "automated_ciba_approval_url": "http://119.81.74.189:31811/authenticator/userResponse?action\u003d{action}\u0026token\u003d{auth_req_id}",
  "server": {
    "discoveryUrl": "https://isamfed.com:6443/isvaop/oauth2/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "client_ukob01",
    "scope": "openid email",
    "jwks": {
      "keys": [
        {
          "p": "5POsvBfNiTqioCBLGaWsOQwTCPkGAECgCeWXqQykp6Cfbfoi1mvbRDAbNPjoLP88bOOt9v528Tpsi8ZuwQRn9XiK8IyyuxIrDaGBvfZCLCK513R8rX3gj-raer-FMaEIpr1bYCTOKBhyhcP46nTwfXNxTwfKFY7O0H8sWcBfF_M",
          "kty": "RSA",
          "q": "oqadQZ4jqFife7hlA2viAEGjJMu8ZRRIx15U19XKw4LbgHYAs3p965WO2lHJqkRUwD1YXZwqOcapUs2samp8JmoZ9j3OavwuRV7qW68_xV3W5xG8lV41RfKLX0c1ny7jJhPWOAbuJzjp3okjqy3hUBZ8Y2B25A2u8fxuhf7U3x0",
          "d": "Z-mgweEYkai9vr_dBYL0LaaHcfVv4D0X638cQIl99VNzZ8h3GqwtLC_zN6kx89S9C8nprfP2NvTegKxs-2bh-FN08k16zolcx6jEkZSgmUOhMLlpmB0qhHWOnYT047y-h9rQ9rZCVxIClJu5Whh8pa_Xlm3BDlbgJBEZSZAwbuWojQ3a-1J6Z8dP6aGqICUxOofz8z2KGxfQnCTmDIyfdCePmBlx7zdFvgq7SI9fDywkfo0ReBmVA4UX9DIbeR2nShZ53Q54rAPzbBLdwD3NzGeGN7Fk53PT3uYVBUq8nNzIwtdaeTRJ7_QxBBy769uG6I2yKIEE3hHldQT0hTs5AQ",
          "e": "AQAB",
          "use": "sig",
          "kid": "ristrettotest",
          "qi": "uzQHF2KOelrHJhOYBmoHkbiQqczkA3AQXOwAQME3P32dFJgOOB6QdCfrg1C2JTobx8Q3EVoko1j96QE2XCrWEBs9oW-4gg4CPGaU7BmVFt0lB88-ZD6E2N0byg2mekYtdGR3ifispEZHdIBP7TxW82in3fn-nB08YMqQAqqIGes",
          "dp": "UcoLBxapwkBEIFfo_DyHDcoWcrojPqvXgDGYwDdYCtoCmlMlZtwY9H8K-R2CM7DqcSvU1cuJyhtI85XrsuBUEwkA-XYJ03JmFvR_WNFESmgNY76lW4UAV-laK0eH2XbhlE9I-Uusqf4xyz97CKbF0ssOy2DI_HKLx0fnHBjw36k",
          "alg": "PS256",
          "dq": "KSaoYMKm2N_bMc0cWXpBCrmQki2ts5EnPLHEG3tuunpwGJdCZCZYl3MWWmwY7qgtHRooMj7hfA6kJlv9BEt-r6VmfiNzByRYfJqgBqRXKRMt3PZi1ROpvNG5q1hz25tcQvT_3Nr8BBZlLTVbPeL0v3OA8w-j5N0FZxnryKEJsI0",
          "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
        }
      ]
    },
    "hint_type": "login_hint",
    "hint_value": "testuser"
  },
  "client2": {
    "client_id": "client_ukob02",
    "scope": "openid",
    "jwks": {
      "keys": [
        {
          "p": "_a4hJlGIgqTgO5MjxTa4j4-rnui8ofinPAs2lh5D3YQEQfpVPrEYlv8eo_sPpwkeU1M-PXVT2U59Os56IiKzDhqdQgaIRbq6Si8fhPxPrI4ei-wXuihqF1QDbbAuXf7ZV8_Yx1XCPKadrRNa8TKZWO4vDR30EdDsjL2uhyxdcI8",
          "kty": "RSA",
          "q": "x4GpCUG5Kwo6xv6Wl5UWUuV817mccDDnWVSLqK7Msb58BSfcK7kLrdzSFxBuo_DoK4RYu5K34HbAIzoZuC4cRJXR5QDf6BKxuyyF0qMNrHWpoXSpQOXHR6UowPaNHKfa4pXhcRCj4yo47VkipXEm2tD9bdTB0ydVZTJXrRKw9IE",
          "d": "moWnAjS47_t0jdjYHaubEY3f0MI5lVKwZblDqbkKoYUVfguFTI55opUg6EUGJDX74SM1acfPRpe6P7V9Iet_PoGpunQ4TdD3H4yCetqLBniZPNDn8oeVKkhhj97v-GyLyAWumaEDntO0O566TGUL-a0GwrcfT63Z_A4e0-NCTNyrn-hyy5Ljlw17r9MehxwXhi6wZdZJnu7iPT2UJGYeO9R-qedE_UiBzPYsXCjXV6FrY4awDGvWAr4R24hkI9naj6hIcmJhL-34xh6_hWomFtCHtKkNRSVHjMcIP5HOeK4yUqlRssvr61xzDwxrtv32Tj5JCDFUCc-NM8YVYy3oAQ",
          "e": "AQAB",
          "use": "sig",
          "kid": "conformancetest",
          "qi": "ZIgXA-QKu5WscOoA4paq3INWIFNf34tPa1I2MTe30_fLShaDwwF3F_CzUscVd1k7Mbn_VpuKfK2C5Vqupoyj7uyk1gm-iuWtJYcxTkE61udn5vRq4lnjNzxtQCjHm48ZRnVmpFCMrSbcb2oJMzWFH1aM2vyCwuMcrSckR7YVVUI",
          "dp": "HSWmtWpkzu32vaGYWI6DAiu1wlpnYgzZ2jJHoVP05DzI6HPE26EpfB_v-1NbZwvLKjPEUPdsHOnBxcH3knh-Lj6slut9ONXNlbx4WKVM2jyyEc2cpE0Ec425nx7BFRe1DTvaYnzeBm32a-5vYos3x1oGmfE5G9rvcvRQW0OjsM0",
          "alg": "PS256",
          "dq": "XyYfkCKgRT6jubRB7hlUhESevePwEDHCpIAF-3UiesL2Mx9HijK-tzTRnd5gZh_HGroL96mJuKvqBuL20ThskulBKY65Ot1vlm0thb_uDYowVKhm8GSmHi1Ounjb5AbKBbalxl7BSt4gOFKCi5TjiwiRVYhayHHB8HmKByka7AE",
          "n": "xbLYBJ3SXWsNcLG03ieLj3UcqOQa0z4KHgjDSIytAv9GgKotTJU9skUvXWLJJuHlAh1MjI9rBZenMuUTqvaHvxMxMpDn5sc2GOLxmoM_dJBAPKmLWhNPNlKAJCVDAWHGcydBNLu8_ZkGCKaXbLStWjPl2djokKNU7gJLGEdv_PaT8-DUKH65xJ7sAaEqgsaFjXUuK7eLQG3Dxd64CLpfiCl9szHZldQkV3t44zfdB9KdaZyWiHwqRUe0mdc4Nn3-QZ7PhfY1z2q0fxEetcMyjr_5RLDWgOltneNmxyrbaxNHUMuiSnroemaRXZMxLyx_c8rDL8YRZ5VXToQw2q4EDw"
        }
      ]
    },
    "acr_value": "urn:acr2"
  },
  "resource": {
    "resourceUrl": "https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/",
    "resourceUrlAccountRequests": "https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/",
    "resourceUrlAccountsResource": "https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/"
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJ\nc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYD\nVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1ow\nazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2lu\nZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQD\nDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CI\nojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+\nfhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWy\nPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4\nNkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cw\nrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDR\nUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjij\nZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/\nBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ\n2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA\n86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJ\nYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFK\noPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4\nflhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQO\nZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+\njbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++\nA3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Nj\nd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqg\nDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABAoIBAEOmr/MnPlWdb41v\ntTyC9q5XB6sB6JR3fABUARhHj6MMTzWGZU9k2TE4TVWm0xiDPSXAwVADrWnJePlZ\nq0RdRd3MX9iO5daQPZnAEX3Iin9t44jHrZSmClEH6D4b0ur5osgLnMx2R/I3L+lP\nJfrd/fjpt1lMxjAHCz7Jb7INTnLMjBl8Lji9witoeQseo2+SRLanNckCw9t2/Wkq\nlpyTUnVg6icB9QLAh0ASE/zlMdFMYlo1llfxToRpZKQuE0zTXtvMqfkutqSUb8hL\nSBTYuMHOh8aycMB//JgiAMwrHVSVcRn2oMqnk5vm08i/sLK8TT8AGAf8Evn0GJJ8\n8kKHvqECgYEA2Xnd/4+98ZiEnLbkgRPVX7pWVa2ZqCAZ4Cf75cv+IlQ3crJniX0I\nEOpFS71fF8/Ei7DIAELe9zeopQvkUdfzMlC7Rg5AuhJzRIL+FaUFlLJOMz+S7eqi\nLeabclYGIbZrX+n8Xic01oQxRipgV1XMKj+D3MROUoRCWNMS1Xqghe0CgYEAxQbF\nsTjipyvk6ZvrpucqAZ1IVIGiVELGMlUEGmyJ8CgXd3gwmU88RahmwBes0GNzm5hw\ns9J+C/S/zt6gu1pP1g/lEpx4/yxg6MZk8AQEk3VG63Tg2rEzjEIQsz0fTXbO1AVS\nJvEuReB8VCgQEKNYMxrqdHXvpSFHOhQLbvebODkCgYEAgK7e0IjCkQF5fq2t+j69\nJD7DNUFayaPtC7k9EVWqk6+Xe7PbFfy42CF3TYDJkvJqz2mUfqsS+d+iV774pAEP\nM3eXyLVIUZH3SNPl+vLBoaH8KdD1ZPhQbK6mznneePZTBNcUcLXsSv6/lVAf362x\n+FHK+cfivGrsQ1jqLQ25jGUCgYBVrLY2dDgK3YlzE/wK3aZkgVI8fQprfYXVySY5\nn0z0A1sA9mCbqdrZp3rWuPTKwRQ6arVHXJa2+DyX5jMahREGUm8YAraSr2eMkQi/\nXd/nhy3JoU9NiZSSvv+oEUIVWz5g79djW6j1dcJajfk+Yuktf9zHu6jzs17XoHPA\nUydJ8QKBgQCreujKz7G5EEXkwdEqFFolM9A8ZMB2k3t6FaM4P/lEUs+nFkxYz2+r\nxI4HMCE0UOCw58ukQjNmXJhumAAB0HIC28gFVuk8FXPRI46ZRQ4uuqQcSCr3/0yP\nSrJe3uU+IC74iHff9XHmwiHwcpmgsDclyg4Ga5eCf1XNKmZLtu/4Xg\u003d\u003d\n-----END RSA PRIVATE KEY-----\n",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJ\nc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYD\nVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1ow\nazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2lu\nZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQD\nDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CI\nojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+\nfhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWy\nPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4\nNkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cw\nrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDR\nUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjij\nZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/\nBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ\n2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA\n86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJ\nYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFK\noPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4\nflhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d\n-----END CERTIFICATE-----\n"
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDtzCCAp+gAwIBAgIUWzVEE6ZzNUl6kwxJgrUgERqiDXkwDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJ\nc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYD\nVQQDDApjbGllbnRJRDAyMB4XDTIyMDEwNDA0MzQxNloXDTQxMDkyMTA0MzQxNlow\nazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2lu\nZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQD\nDApjbGllbnRJRDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFSV\n37045EHSIKgQ+yofftUN/Ym1kv17rx1G92uepLHgw1Ar+Qvoq2w6La1k9tGZuMMY\nC8RmlqT+7S6Z5LP4AjKByW+1vX6zJPN6xmEnDFDd420MIqC56cqs3JyfJEybhVRd\nLCgGvz3uZ7dewKm+oiLECOGAST0jzMc5szzxtvkN5jyURUAaYhLqjlsqpS2XM79A\nsJIRQy/XsYux1wf42CFvS1Ves3N/aTbO5N6VA5h4KA1k+7/F1HlP+J1rB2dk7zsS\nnwvsGLvV1r5Eb5XP8DphKZ+xtJmANNo3NiNONxuV0T7HOXzrqgp2VDt9tXuJOClr\nEJEJJnAUJ7cYXtn8uQIDAQABo1MwUTAdBgNVHQ4EFgQUAZeJHIZu9VunYouyoHf/\nQODzbREwHwYDVR0jBBgwFoAUAZeJHIZu9VunYouyoHf/QODzbREwDwYDVR0TAQH/\nBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAft9Mp/WpGdRF1sCzVG2r7SHxaxTG\nfWC+iZJBVZfFTJcthDawCW3xIfQb0RUrtGWTKBgpCp8GSCxFYPuri/nZn2vRbujn\n3woK2siXWS64bYDUOJ3xHvt3/j0PPGRfQ3faSXjdvtkE7ayLRKdb132rBd2k7oBq\nIZkM3ezvXg49KupJfOYTaqNezA4TTXaLFL+7BbY8IFPYHE+t66K68DNbypr3Q8pP\n2ZCHE3YLS3RG+Ql2EYSGABKNbeRcipONYPvtsiZt4k44vCDRUC5DXdC6C9KeEjrL\np5ycJYgdT+YqD34Rd89u/yjgvlo3Bcv0mhEO1sS4jaG3IRkZZsCoUEFSvQ\u003d\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEAxFSV37045EHSIKgQ+yofftUN/Ym1kv17rx1G92uepLHgw1Ar\n+Qvoq2w6La1k9tGZuMMYC8RmlqT+7S6Z5LP4AjKByW+1vX6zJPN6xmEnDFDd420M\nIqC56cqs3JyfJEybhVRdLCgGvz3uZ7dewKm+oiLECOGAST0jzMc5szzxtvkN5jyU\nRUAaYhLqjlsqpS2XM79AsJIRQy/XsYux1wf42CFvS1Ves3N/aTbO5N6VA5h4KA1k\n+7/F1HlP+J1rB2dk7zsSnwvsGLvV1r5Eb5XP8DphKZ+xtJmANNo3NiNONxuV0T7H\nOXzrqgp2VDt9tXuJOClrEJEJJnAUJ7cYXtn8uQIDAQABAoIBABZVROM5pCIa9qsu\nUxgvF3wXAktoAdahrRMjcnIstNQpQ9cT5Jyk5Sey3P9bLRQCjcj9sFuOUNksFa+n\nUGw6qKifVDI02eifZAN9CudMH+P/wu3e9rVtsRhOLNG/oz6+1CYbjam7N+FDSz5T\nFp018fCBoekctbofEVZ3BzJDaX+VrBn6TSBpzMzibDfnnfbkFkep+91okF9TTLIZ\n+Bjl/f1dVfbMZ6scs2rc7Slp52Od0HZ69gerc7l4IFxCiH2pMMbI6lRESYXlaf4j\n/mTJR/sFnDvbyET1UVU5paAhZ/TLGougAGzLtOEhlxLSjNv/5RfFIs1NPLW8iu68\nOgKL94ECgYEA6Ya6XBXydFof+aeHub7AlYdEA9qnQdqQR88AHlHcLIxkyNlVsPh+\n5/t0SrkJtrspBp233Ne9JTflQYk8/+wBE59NutnKJfzzV04ftm1bmW+gBHT36rZR\nW8WT2Kto73A9SLzhhQSp1a14ff9vULoRwQLtWpAANkqTCUD0Zwe4v+kCgYEA1zl7\nLSMmUpjjR1thITcfHnVtI+0U4ilqcDXUZzoaJsSQ4/oSr8Xc2EbF2KsxqPhq6HKO\nhINsPeN+iA1F0F3+oc32k4PI8NrQtIfLsVEvTQ2LuYsR4a8TNyGH/zk0i/XpRy63\n2BrKcYp6iyb3qQgGMdjsK+PW6PChTa6TaopUpFECgYAWozHTlWkQcGAjImNc1Sn0\nFM26FesaziYoX9+iEMtoIh/u/Gp7IkujD1Qhnjhb117NvmJBbURvpDB8HuKj6Gve\nTBYL4+rdrdyk/PTECWvUvuZjKDeUMCJI5ClF2q/sbhPyxiSScXZJOWyxwh43VCI+\ndJsvqT/sA2Sng/1tM2lsaQKBgGitkWZTuTjlGW3EWQpxp9YFoO6fSc/x+s3WsJcA\nYGXIpvvqzhnlr1MVoPaP1RhssnqZ9Q0oaoXzVsBPTExa2xTRewMmTp4unuGfRofY\nh5v/YZz9sdXFdCAVU/LjXNZR5YL0iwA1j48HnjB95Gi2+WRXMA7swsMK/jktFo/z\n9dTxAoGAYk2kwzCs7xwhsa3/xH5xJauvlclDqelC4R1cS2pzQI+MQIfjR4JccZ8x\nly7HMv+2D9vBModxo/msXGq3QJaAmDHzNhee2+OTuKcDLd7wlwSwqZ9EBvxHuLwI\n7/QZejw68iLHZWQMH57daNZL9X/8VwmF/C8tawAvXmflv+ra3Ec\u003d\n-----END RSA PRIVATE KEY-----\n",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIDtzCCAp+gAwIBAgIUWzVEE6ZzNUl6kwxJgrUgERqiDXkwDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJ\nc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYD\nVQQDDApjbGllbnRJRDAyMB4XDTIyMDEwNDA0MzQxNloXDTQxMDkyMTA0MzQxNlow\nazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2lu\nZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQD\nDApjbGllbnRJRDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFSV\n37045EHSIKgQ+yofftUN/Ym1kv17rx1G92uepLHgw1Ar+Qvoq2w6La1k9tGZuMMY\nC8RmlqT+7S6Z5LP4AjKByW+1vX6zJPN6xmEnDFDd420MIqC56cqs3JyfJEybhVRd\nLCgGvz3uZ7dewKm+oiLECOGAST0jzMc5szzxtvkN5jyURUAaYhLqjlsqpS2XM79A\nsJIRQy/XsYux1wf42CFvS1Ves3N/aTbO5N6VA5h4KA1k+7/F1HlP+J1rB2dk7zsS\nnwvsGLvV1r5Eb5XP8DphKZ+xtJmANNo3NiNONxuV0T7HOXzrqgp2VDt9tXuJOClr\nEJEJJnAUJ7cYXtn8uQIDAQABo1MwUTAdBgNVHQ4EFgQUAZeJHIZu9VunYouyoHf/\nQODzbREwHwYDVR0jBBgwFoAUAZeJHIZu9VunYouyoHf/QODzbREwDwYDVR0TAQH/\nBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAft9Mp/WpGdRF1sCzVG2r7SHxaxTG\nfWC+iZJBVZfFTJcthDawCW3xIfQb0RUrtGWTKBgpCp8GSCxFYPuri/nZn2vRbujn\n3woK2siXWS64bYDUOJ3xHvt3/j0PPGRfQ3faSXjdvtkE7ayLRKdb132rBd2k7oBq\nIZkM3ezvXg49KupJfOYTaqNezA4TTXaLFL+7BbY8IFPYHE+t66K68DNbypr3Q8pP\n2ZCHE3YLS3RG+Ql2EYSGABKNbeRcipONYPvtsiZt4k44vCDRUC5DXdC6C9KeEjrL\np5ycJYgdT+YqD34Rd89u/yjgvlo3Bcv0mhEO1sS4jaG3IRkZZsCoUEFSvQ\u003d\u003d\n-----END CERTIFICATE-----\n"
  },
  "consent": {}
}
testName
fapi1-advanced-final-ensure-request-object-with-long-nonce
2022-10-17 09:24:42 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
2022-10-17 09:24:42
GetDynamicServerConfiguration
HTTP request
request_uri
https://isamfed.com:6443/isvaop/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-10-17 09:24:43 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json",
  "date": "Mon, 17 Oct 2022 09:24:43 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-correlation-id": "CORR_ID-f1a8bdc9-55e8-41b2-84c3-6791b2b58f2c",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"authorization_encryption_alg_values_supported":["none"],"authorization_encryption_enc_values_supported":["none"],"authorization_endpoint":"https://isamfed.com:6443/isvaop/oauth2/authorize","authorization_signing_alg_values_supported":["PS256"],"backchannel_authentication_endpoint":"https://isamfed.com:6443/isvaop/oauth2/ciba","backchannel_authentication_request_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"backchannel_token_delivery_modes_supported":["poll","ping"],"backchannel_user_code_parameter_supported":false,"claim_types_supported":["normal"],"claims_parameter_supported":true,"claims_supported":["acr","openbanking_intent_id"],"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"grant_types_supported":["authorization_code","implicit","password","client_credentials","refresh_token","urn:openid:params:grant-type:ciba"],"id_token_encryption_alg_values_supported":["none"],"id_token_encryption_enc_values_supported":["none"],"id_token_signing_alg_values_supported":["PS256"],"introspection_endpoint":"https://isamfed.com:6443/isvaop/oauth2/introspect","issuer":"https://isamfed.com:6443/isvaop/oauth2","jwks_uri":"https://isamfed.com:6443/isvaop/oauth2/jwks","mtls_endpoint_aliases":{"backchannel_authentication_endpoint":"https://isamfed.com:6443/isvaop/oauth2/ciba","introspection_endpoint":"https://isamfed.com:6443/isvaop/oauth2/introspect","pushed_authorization_request_endpoint":"https://isamfed.com:6443/isvaop/oauth2/par","registration_endpoint":"https://isamfed.com:6443/isvaop/oauth2/register","revocation_endpoint":"https://isamfed.com:6443/isvaop/oauth2/revoke","token_endpoint":"https://isamfed.com:6443/isvaop/oauth2/token"},"pushed_authorization_request_endpoint":"https://isamfed.com:6443/isvaop/oauth2/par","registration_endpoint":"https://isamfed.com:6443/isvaop/oauth2/register","request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_parameter_supported":true,"request_uri_parameter_supported":false,"require_pushed_authorization_requests":false,"require_request_uri_registration":false,"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"revocation_endpoint":"https://isamfed.com:6443/isvaop/oauth2/revoke","scopes_supported":["openid","accounts"],"subject_types_supported":["public"],"tls_client_certificate_bound_access_tokens":true,"token_endpoint":"https://isamfed.com:6443/isvaop/oauth2/token","token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none"],"userinfo_encryption_enc_values_supported":["none"],"userinfo_endpoint":"https://isamfed.com:6443/isvaop/oauth2/userinfo","userinfo_signing_alg_values_supported":["PS256"]}
2022-10-17 09:24:43 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
authorization_encryption_alg_values_supported
[
  "none"
]
authorization_encryption_enc_values_supported
[
  "none"
]
authorization_endpoint
https://isamfed.com:6443/isvaop/oauth2/authorize
authorization_signing_alg_values_supported
[
  "PS256"
]
backchannel_authentication_endpoint
https://isamfed.com:6443/isvaop/oauth2/ciba
backchannel_authentication_request_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
backchannel_token_delivery_modes_supported
[
  "poll",
  "ping"
]
backchannel_user_code_parameter_supported
false
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
claims_supported
[
  "acr",
  "openbanking_intent_id"
]
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "client_credentials",
  "refresh_token",
  "urn:openid:params:grant-type:ciba"
]
id_token_encryption_alg_values_supported
[
  "none"
]
id_token_encryption_enc_values_supported
[
  "none"
]
id_token_signing_alg_values_supported
[
  "PS256"
]
introspection_endpoint
https://isamfed.com:6443/isvaop/oauth2/introspect
issuer
https://isamfed.com:6443/isvaop/oauth2
jwks_uri
https://isamfed.com:6443/isvaop/oauth2/jwks
mtls_endpoint_aliases
{
  "backchannel_authentication_endpoint": "https://isamfed.com:6443/isvaop/oauth2/ciba",
  "introspection_endpoint": "https://isamfed.com:6443/isvaop/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://isamfed.com:6443/isvaop/oauth2/par",
  "registration_endpoint": "https://isamfed.com:6443/isvaop/oauth2/register",
  "revocation_endpoint": "https://isamfed.com:6443/isvaop/oauth2/revoke",
  "token_endpoint": "https://isamfed.com:6443/isvaop/oauth2/token"
}
pushed_authorization_request_endpoint
https://isamfed.com:6443/isvaop/oauth2/par
registration_endpoint
https://isamfed.com:6443/isvaop/oauth2/register
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_parameter_supported
true
request_uri_parameter_supported
false
require_pushed_authorization_requests
false
require_request_uri_registration
false
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
revocation_endpoint
https://isamfed.com:6443/isvaop/oauth2/revoke
scopes_supported
[
  "openid",
  "accounts"
]
subject_types_supported
[
  "public"
]
tls_client_certificate_bound_access_tokens
true
token_endpoint
https://isamfed.com:6443/isvaop/oauth2/token
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none"
]
userinfo_encryption_enc_values_supported
[
  "none"
]
userinfo_endpoint
https://isamfed.com:6443/isvaop/oauth2/userinfo
userinfo_signing_alg_values_supported
[
  "PS256"
]
2022-10-17 09:24:43 SUCCESS
AddMTLSEndpointAliasesToEnvironment
Added mtls_endpoint_aliases to environment
2022-10-17 09:24:43 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-10-17 09:24:43
FetchServerKeys
Fetching server key
jwks_uri
https://isamfed.com:6443/isvaop/oauth2/jwks
2022-10-17 09:24:43
FetchServerKeys
HTTP request
request_uri
https://isamfed.com:6443/isvaop/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-10-17 09:24:44 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "419",
  "content-type": "application/json",
  "date": "Mon, 17 Oct 2022 09:24:44 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-f6e3aad9-d915-4f9a-9995-e06dfa2aeda9",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"keys":[{"use":"sig","kty":"RSA","kid":"httpserverkey","n":"3H8uKbaU0gNgxIzNOI8z19pzicShxM4nd_cs4DqmQU9SCxtjfzyVHpxe-Arg8gr01YoEkIOrz2JJ1G12fNDu7Fepgyy_ZCfqqqstPCj7vmQFC7_XHrDi_xooPT2kfrzHgxUANMe1Kd0Ry2gVexQCrJyDHnLvuYGyA_wQwN3GTHhwB2SfECwnTL87-HICyviTfEqlIU3ymu3u3YeTB5J765i9uT2JtZco9VMtoiR4Hm_e5xSnQmNx3StTiUQrsMo28IxLFgNKAq-aUDvaZ0ulgOp9V-DOlGpBnxSd0G2I58otDC7J7oQ5xhkX6FB1RnMBHgiFSZ492fyJgILkxoUCwQ","e":"AQAB"}]}
2022-10-17 09:24:44
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"use":"sig","kty":"RSA","kid":"httpserverkey","n":"3H8uKbaU0gNgxIzNOI8z19pzicShxM4nd_cs4DqmQU9SCxtjfzyVHpxe-Arg8gr01YoEkIOrz2JJ1G12fNDu7Fepgyy_ZCfqqqstPCj7vmQFC7_XHrDi_xooPT2kfrzHgxUANMe1Kd0Ry2gVexQCrJyDHnLvuYGyA_wQwN3GTHhwB2SfECwnTL87-HICyviTfEqlIU3ymu3u3YeTB5J765i9uT2JtZco9VMtoiR4Hm_e5xSnQmNx3StTiUQrsMo28IxLFgNKAq-aUDvaZ0ulgOp9V-DOlGpBnxSd0G2I58otDC7J7oQ5xhkX6FB1RnMBHgiFSZ492fyJgILkxoUCwQ","e":"AQAB"}]}
2022-10-17 09:24:44 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "httpserverkey",
      "n": "3H8uKbaU0gNgxIzNOI8z19pzicShxM4nd_cs4DqmQU9SCxtjfzyVHpxe-Arg8gr01YoEkIOrz2JJ1G12fNDu7Fepgyy_ZCfqqqstPCj7vmQFC7_XHrDi_xooPT2kfrzHgxUANMe1Kd0Ry2gVexQCrJyDHnLvuYGyA_wQwN3GTHhwB2SfECwnTL87-HICyviTfEqlIU3ymu3u3YeTB5J765i9uT2JtZco9VMtoiR4Hm_e5xSnQmNx3StTiUQrsMo28IxLFgNKAq-aUDvaZ0ulgOp9V-DOlGpBnxSd0G2I58otDC7J7oQ5xhkX6FB1RnMBHgiFSZ492fyJgILkxoUCwQ",
      "e": "AQAB"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "httpserverkey",
      "n": "3H8uKbaU0gNgxIzNOI8z19pzicShxM4nd_cs4DqmQU9SCxtjfzyVHpxe-Arg8gr01YoEkIOrz2JJ1G12fNDu7Fepgyy_ZCfqqqstPCj7vmQFC7_XHrDi_xooPT2kfrzHgxUANMe1Kd0Ry2gVexQCrJyDHnLvuYGyA_wQwN3GTHhwB2SfECwnTL87-HICyviTfEqlIU3ymu3u3YeTB5J765i9uT2JtZco9VMtoiR4Hm_e5xSnQmNx3StTiUQrsMo28IxLFgNKAq-aUDvaZ0ulgOp9V-DOlGpBnxSd0G2I58otDC7J7oQ5xhkX6FB1RnMBHgiFSZ492fyJgILkxoUCwQ",
      "e": "AQAB"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-10-17 09:24:44 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-10-17 09:24:44 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-10-17 09:24:44 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "httpserverkey",
      "n": "3H8uKbaU0gNgxIzNOI8z19pzicShxM4nd_cs4DqmQU9SCxtjfzyVHpxe-Arg8gr01YoEkIOrz2JJ1G12fNDu7Fepgyy_ZCfqqqstPCj7vmQFC7_XHrDi_xooPT2kfrzHgxUANMe1Kd0Ry2gVexQCrJyDHnLvuYGyA_wQwN3GTHhwB2SfECwnTL87-HICyviTfEqlIU3ymu3u3YeTB5J765i9uT2JtZco9VMtoiR4Hm_e5xSnQmNx3StTiUQrsMo28IxLFgNKAq-aUDvaZ0ulgOp9V-DOlGpBnxSd0G2I58otDC7J7oQ5xhkX6FB1RnMBHgiFSZ492fyJgILkxoUCwQ",
      "e": "AQAB"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
client_ukob01
scope
openid email
jwks
{
  "keys": [
    {
      "p": "5POsvBfNiTqioCBLGaWsOQwTCPkGAECgCeWXqQykp6Cfbfoi1mvbRDAbNPjoLP88bOOt9v528Tpsi8ZuwQRn9XiK8IyyuxIrDaGBvfZCLCK513R8rX3gj-raer-FMaEIpr1bYCTOKBhyhcP46nTwfXNxTwfKFY7O0H8sWcBfF_M",
      "kty": "RSA",
      "q": "oqadQZ4jqFife7hlA2viAEGjJMu8ZRRIx15U19XKw4LbgHYAs3p965WO2lHJqkRUwD1YXZwqOcapUs2samp8JmoZ9j3OavwuRV7qW68_xV3W5xG8lV41RfKLX0c1ny7jJhPWOAbuJzjp3okjqy3hUBZ8Y2B25A2u8fxuhf7U3x0",
      "d": "Z-mgweEYkai9vr_dBYL0LaaHcfVv4D0X638cQIl99VNzZ8h3GqwtLC_zN6kx89S9C8nprfP2NvTegKxs-2bh-FN08k16zolcx6jEkZSgmUOhMLlpmB0qhHWOnYT047y-h9rQ9rZCVxIClJu5Whh8pa_Xlm3BDlbgJBEZSZAwbuWojQ3a-1J6Z8dP6aGqICUxOofz8z2KGxfQnCTmDIyfdCePmBlx7zdFvgq7SI9fDywkfo0ReBmVA4UX9DIbeR2nShZ53Q54rAPzbBLdwD3NzGeGN7Fk53PT3uYVBUq8nNzIwtdaeTRJ7_QxBBy769uG6I2yKIEE3hHldQT0hTs5AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "ristrettotest",
      "qi": "uzQHF2KOelrHJhOYBmoHkbiQqczkA3AQXOwAQME3P32dFJgOOB6QdCfrg1C2JTobx8Q3EVoko1j96QE2XCrWEBs9oW-4gg4CPGaU7BmVFt0lB88-ZD6E2N0byg2mekYtdGR3ifispEZHdIBP7TxW82in3fn-nB08YMqQAqqIGes",
      "dp": "UcoLBxapwkBEIFfo_DyHDcoWcrojPqvXgDGYwDdYCtoCmlMlZtwY9H8K-R2CM7DqcSvU1cuJyhtI85XrsuBUEwkA-XYJ03JmFvR_WNFESmgNY76lW4UAV-laK0eH2XbhlE9I-Uusqf4xyz97CKbF0ssOy2DI_HKLx0fnHBjw36k",
      "alg": "PS256",
      "dq": "KSaoYMKm2N_bMc0cWXpBCrmQki2ts5EnPLHEG3tuunpwGJdCZCZYl3MWWmwY7qgtHRooMj7hfA6kJlv9BEt-r6VmfiNzByRYfJqgBqRXKRMt3PZi1ROpvNG5q1hz25tcQvT_3Nr8BBZlLTVbPeL0v3OA8w-j5N0FZxnryKEJsI0",
      "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
    }
  ]
}
hint_type
login_hint
hint_value
testuser
2022-10-17 09:24:44 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2022-10-17 09:24:44 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA==
key
MIIEpAIBAAKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABAoIBAEOmr/MnPlWdb41vtTyC9q5XB6sB6JR3fABUARhHj6MMTzWGZU9k2TE4TVWm0xiDPSXAwVADrWnJePlZq0RdRd3MX9iO5daQPZnAEX3Iin9t44jHrZSmClEH6D4b0ur5osgLnMx2R/I3L+lPJfrd/fjpt1lMxjAHCz7Jb7INTnLMjBl8Lji9witoeQseo2+SRLanNckCw9t2/WkqlpyTUnVg6icB9QLAh0ASE/zlMdFMYlo1llfxToRpZKQuE0zTXtvMqfkutqSUb8hLSBTYuMHOh8aycMB//JgiAMwrHVSVcRn2oMqnk5vm08i/sLK8TT8AGAf8Evn0GJJ88kKHvqECgYEA2Xnd/4+98ZiEnLbkgRPVX7pWVa2ZqCAZ4Cf75cv+IlQ3crJniX0IEOpFS71fF8/Ei7DIAELe9zeopQvkUdfzMlC7Rg5AuhJzRIL+FaUFlLJOMz+S7eqiLeabclYGIbZrX+n8Xic01oQxRipgV1XMKj+D3MROUoRCWNMS1Xqghe0CgYEAxQbFsTjipyvk6ZvrpucqAZ1IVIGiVELGMlUEGmyJ8CgXd3gwmU88RahmwBes0GNzm5hws9J+C/S/zt6gu1pP1g/lEpx4/yxg6MZk8AQEk3VG63Tg2rEzjEIQsz0fTXbO1AVSJvEuReB8VCgQEKNYMxrqdHXvpSFHOhQLbvebODkCgYEAgK7e0IjCkQF5fq2t+j69JD7DNUFayaPtC7k9EVWqk6+Xe7PbFfy42CF3TYDJkvJqz2mUfqsS+d+iV774pAEPM3eXyLVIUZH3SNPl+vLBoaH8KdD1ZPhQbK6mznneePZTBNcUcLXsSv6/lVAf362x+FHK+cfivGrsQ1jqLQ25jGUCgYBVrLY2dDgK3YlzE/wK3aZkgVI8fQprfYXVySY5n0z0A1sA9mCbqdrZp3rWuPTKwRQ6arVHXJa2+DyX5jMahREGUm8YAraSr2eMkQi/Xd/nhy3JoU9NiZSSvv+oEUIVWz5g79djW6j1dcJajfk+Yuktf9zHu6jzs17XoHPAUydJ8QKBgQCreujKz7G5EEXkwdEqFFolM9A8ZMB2k3t6FaM4P/lEUs+nFkxYz2+rxI4HMCE0UOCw58ukQjNmXJhumAAB0HIC28gFVuk8FXPRI46ZRQ4uuqQcSCr3/0yPSrJe3uU+IC74iHff9XHmwiHwcpmgsDclyg4Ga5eCf1XNKmZLtu/4Xg==
ca
MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA==
2022-10-17 09:24:44 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2022-10-17 09:24:44 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "p": "5POsvBfNiTqioCBLGaWsOQwTCPkGAECgCeWXqQykp6Cfbfoi1mvbRDAbNPjoLP88bOOt9v528Tpsi8ZuwQRn9XiK8IyyuxIrDaGBvfZCLCK513R8rX3gj-raer-FMaEIpr1bYCTOKBhyhcP46nTwfXNxTwfKFY7O0H8sWcBfF_M",
      "kty": "RSA",
      "q": "oqadQZ4jqFife7hlA2viAEGjJMu8ZRRIx15U19XKw4LbgHYAs3p965WO2lHJqkRUwD1YXZwqOcapUs2samp8JmoZ9j3OavwuRV7qW68_xV3W5xG8lV41RfKLX0c1ny7jJhPWOAbuJzjp3okjqy3hUBZ8Y2B25A2u8fxuhf7U3x0",
      "d": "Z-mgweEYkai9vr_dBYL0LaaHcfVv4D0X638cQIl99VNzZ8h3GqwtLC_zN6kx89S9C8nprfP2NvTegKxs-2bh-FN08k16zolcx6jEkZSgmUOhMLlpmB0qhHWOnYT047y-h9rQ9rZCVxIClJu5Whh8pa_Xlm3BDlbgJBEZSZAwbuWojQ3a-1J6Z8dP6aGqICUxOofz8z2KGxfQnCTmDIyfdCePmBlx7zdFvgq7SI9fDywkfo0ReBmVA4UX9DIbeR2nShZ53Q54rAPzbBLdwD3NzGeGN7Fk53PT3uYVBUq8nNzIwtdaeTRJ7_QxBBy769uG6I2yKIEE3hHldQT0hTs5AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "ristrettotest",
      "qi": "uzQHF2KOelrHJhOYBmoHkbiQqczkA3AQXOwAQME3P32dFJgOOB6QdCfrg1C2JTobx8Q3EVoko1j96QE2XCrWEBs9oW-4gg4CPGaU7BmVFt0lB88-ZD6E2N0byg2mekYtdGR3ifispEZHdIBP7TxW82in3fn-nB08YMqQAqqIGes",
      "dp": "UcoLBxapwkBEIFfo_DyHDcoWcrojPqvXgDGYwDdYCtoCmlMlZtwY9H8K-R2CM7DqcSvU1cuJyhtI85XrsuBUEwkA-XYJ03JmFvR_WNFESmgNY76lW4UAV-laK0eH2XbhlE9I-Uusqf4xyz97CKbF0ssOy2DI_HKLx0fnHBjw36k",
      "alg": "PS256",
      "dq": "KSaoYMKm2N_bMc0cWXpBCrmQki2ts5EnPLHEG3tuunpwGJdCZCZYl3MWWmwY7qgtHRooMj7hfA6kJlv9BEt-r6VmfiNzByRYfJqgBqRXKRMt3PZi1ROpvNG5q1hz25tcQvT_3Nr8BBZlLTVbPeL0v3OA8w-j5N0FZxnryKEJsI0",
      "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "ristrettotest",
      "alg": "PS256",
      "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2022-10-17 09:24:44 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-10-17 09:24:44 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "ES256",
  "PS256"
]
2022-10-17 09:24:44 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "p": "5POsvBfNiTqioCBLGaWsOQwTCPkGAECgCeWXqQykp6Cfbfoi1mvbRDAbNPjoLP88bOOt9v528Tpsi8ZuwQRn9XiK8IyyuxIrDaGBvfZCLCK513R8rX3gj-raer-FMaEIpr1bYCTOKBhyhcP46nTwfXNxTwfKFY7O0H8sWcBfF_M",
      "kty": "RSA",
      "q": "oqadQZ4jqFife7hlA2viAEGjJMu8ZRRIx15U19XKw4LbgHYAs3p965WO2lHJqkRUwD1YXZwqOcapUs2samp8JmoZ9j3OavwuRV7qW68_xV3W5xG8lV41RfKLX0c1ny7jJhPWOAbuJzjp3okjqy3hUBZ8Y2B25A2u8fxuhf7U3x0",
      "d": "Z-mgweEYkai9vr_dBYL0LaaHcfVv4D0X638cQIl99VNzZ8h3GqwtLC_zN6kx89S9C8nprfP2NvTegKxs-2bh-FN08k16zolcx6jEkZSgmUOhMLlpmB0qhHWOnYT047y-h9rQ9rZCVxIClJu5Whh8pa_Xlm3BDlbgJBEZSZAwbuWojQ3a-1J6Z8dP6aGqICUxOofz8z2KGxfQnCTmDIyfdCePmBlx7zdFvgq7SI9fDywkfo0ReBmVA4UX9DIbeR2nShZ53Q54rAPzbBLdwD3NzGeGN7Fk53PT3uYVBUq8nNzIwtdaeTRJ7_QxBBy769uG6I2yKIEE3hHldQT0hTs5AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "ristrettotest",
      "qi": "uzQHF2KOelrHJhOYBmoHkbiQqczkA3AQXOwAQME3P32dFJgOOB6QdCfrg1C2JTobx8Q3EVoko1j96QE2XCrWEBs9oW-4gg4CPGaU7BmVFt0lB88-ZD6E2N0byg2mekYtdGR3ifispEZHdIBP7TxW82in3fn-nB08YMqQAqqIGes",
      "dp": "UcoLBxapwkBEIFfo_DyHDcoWcrojPqvXgDGYwDdYCtoCmlMlZtwY9H8K-R2CM7DqcSvU1cuJyhtI85XrsuBUEwkA-XYJ03JmFvR_WNFESmgNY76lW4UAV-laK0eH2XbhlE9I-Uusqf4xyz97CKbF0ssOy2DI_HKLx0fnHBjw36k",
      "alg": "PS256",
      "dq": "KSaoYMKm2N_bMc0cWXpBCrmQki2ts5EnPLHEG3tuunpwGJdCZCZYl3MWWmwY7qgtHRooMj7hfA6kJlv9BEt-r6VmfiNzByRYfJqgBqRXKRMt3PZi1ROpvNG5q1hz25tcQvT_3Nr8BBZlLTVbPeL0v3OA8w-j5N0FZxnryKEJsI0",
      "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2022-10-17 09:24:44 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
client_ukob02
scope
openid
jwks
{
  "keys": [
    {
      "p": "_a4hJlGIgqTgO5MjxTa4j4-rnui8ofinPAs2lh5D3YQEQfpVPrEYlv8eo_sPpwkeU1M-PXVT2U59Os56IiKzDhqdQgaIRbq6Si8fhPxPrI4ei-wXuihqF1QDbbAuXf7ZV8_Yx1XCPKadrRNa8TKZWO4vDR30EdDsjL2uhyxdcI8",
      "kty": "RSA",
      "q": "x4GpCUG5Kwo6xv6Wl5UWUuV817mccDDnWVSLqK7Msb58BSfcK7kLrdzSFxBuo_DoK4RYu5K34HbAIzoZuC4cRJXR5QDf6BKxuyyF0qMNrHWpoXSpQOXHR6UowPaNHKfa4pXhcRCj4yo47VkipXEm2tD9bdTB0ydVZTJXrRKw9IE",
      "d": "moWnAjS47_t0jdjYHaubEY3f0MI5lVKwZblDqbkKoYUVfguFTI55opUg6EUGJDX74SM1acfPRpe6P7V9Iet_PoGpunQ4TdD3H4yCetqLBniZPNDn8oeVKkhhj97v-GyLyAWumaEDntO0O566TGUL-a0GwrcfT63Z_A4e0-NCTNyrn-hyy5Ljlw17r9MehxwXhi6wZdZJnu7iPT2UJGYeO9R-qedE_UiBzPYsXCjXV6FrY4awDGvWAr4R24hkI9naj6hIcmJhL-34xh6_hWomFtCHtKkNRSVHjMcIP5HOeK4yUqlRssvr61xzDwxrtv32Tj5JCDFUCc-NM8YVYy3oAQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "conformancetest",
      "qi": "ZIgXA-QKu5WscOoA4paq3INWIFNf34tPa1I2MTe30_fLShaDwwF3F_CzUscVd1k7Mbn_VpuKfK2C5Vqupoyj7uyk1gm-iuWtJYcxTkE61udn5vRq4lnjNzxtQCjHm48ZRnVmpFCMrSbcb2oJMzWFH1aM2vyCwuMcrSckR7YVVUI",
      "dp": "HSWmtWpkzu32vaGYWI6DAiu1wlpnYgzZ2jJHoVP05DzI6HPE26EpfB_v-1NbZwvLKjPEUPdsHOnBxcH3knh-Lj6slut9ONXNlbx4WKVM2jyyEc2cpE0Ec425nx7BFRe1DTvaYnzeBm32a-5vYos3x1oGmfE5G9rvcvRQW0OjsM0",
      "alg": "PS256",
      "dq": "XyYfkCKgRT6jubRB7hlUhESevePwEDHCpIAF-3UiesL2Mx9HijK-tzTRnd5gZh_HGroL96mJuKvqBuL20ThskulBKY65Ot1vlm0thb_uDYowVKhm8GSmHi1Ounjb5AbKBbalxl7BSt4gOFKCi5TjiwiRVYhayHHB8HmKByka7AE",
      "n": "xbLYBJ3SXWsNcLG03ieLj3UcqOQa0z4KHgjDSIytAv9GgKotTJU9skUvXWLJJuHlAh1MjI9rBZenMuUTqvaHvxMxMpDn5sc2GOLxmoM_dJBAPKmLWhNPNlKAJCVDAWHGcydBNLu8_ZkGCKaXbLStWjPl2djokKNU7gJLGEdv_PaT8-DUKH65xJ7sAaEqgsaFjXUuK7eLQG3Dxd64CLpfiCl9szHZldQkV3t44zfdB9KdaZyWiHwqRUe0mdc4Nn3-QZ7PhfY1z2q0fxEetcMyjr_5RLDWgOltneNmxyrbaxNHUMuiSnroemaRXZMxLyx_c8rDL8YRZ5VXToQw2q4EDw"
    }
  ]
}
acr_value
urn:acr2
2022-10-17 09:24:44 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2022-10-17 09:24:44 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDtzCCAp+gAwIBAgIUWzVEE6ZzNUl6kwxJgrUgERqiDXkwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAyMB4XDTIyMDEwNDA0MzQxNloXDTQxMDkyMTA0MzQxNlowazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFSV37045EHSIKgQ+yofftUN/Ym1kv17rx1G92uepLHgw1Ar+Qvoq2w6La1k9tGZuMMYC8RmlqT+7S6Z5LP4AjKByW+1vX6zJPN6xmEnDFDd420MIqC56cqs3JyfJEybhVRdLCgGvz3uZ7dewKm+oiLECOGAST0jzMc5szzxtvkN5jyURUAaYhLqjlsqpS2XM79AsJIRQy/XsYux1wf42CFvS1Ves3N/aTbO5N6VA5h4KA1k+7/F1HlP+J1rB2dk7zsSnwvsGLvV1r5Eb5XP8DphKZ+xtJmANNo3NiNONxuV0T7HOXzrqgp2VDt9tXuJOClrEJEJJnAUJ7cYXtn8uQIDAQABo1MwUTAdBgNVHQ4EFgQUAZeJHIZu9VunYouyoHf/QODzbREwHwYDVR0jBBgwFoAUAZeJHIZu9VunYouyoHf/QODzbREwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAft9Mp/WpGdRF1sCzVG2r7SHxaxTGfWC+iZJBVZfFTJcthDawCW3xIfQb0RUrtGWTKBgpCp8GSCxFYPuri/nZn2vRbujn3woK2siXWS64bYDUOJ3xHvt3/j0PPGRfQ3faSXjdvtkE7ayLRKdb132rBd2k7oBqIZkM3ezvXg49KupJfOYTaqNezA4TTXaLFL+7BbY8IFPYHE+t66K68DNbypr3Q8pP2ZCHE3YLS3RG+Ql2EYSGABKNbeRcipONYPvtsiZt4k44vCDRUC5DXdC6C9KeEjrLp5ycJYgdT+YqD34Rd89u/yjgvlo3Bcv0mhEO1sS4jaG3IRkZZsCoUEFSvQ==
key
MIIEogIBAAKCAQEAxFSV37045EHSIKgQ+yofftUN/Ym1kv17rx1G92uepLHgw1Ar+Qvoq2w6La1k9tGZuMMYC8RmlqT+7S6Z5LP4AjKByW+1vX6zJPN6xmEnDFDd420MIqC56cqs3JyfJEybhVRdLCgGvz3uZ7dewKm+oiLECOGAST0jzMc5szzxtvkN5jyURUAaYhLqjlsqpS2XM79AsJIRQy/XsYux1wf42CFvS1Ves3N/aTbO5N6VA5h4KA1k+7/F1HlP+J1rB2dk7zsSnwvsGLvV1r5Eb5XP8DphKZ+xtJmANNo3NiNONxuV0T7HOXzrqgp2VDt9tXuJOClrEJEJJnAUJ7cYXtn8uQIDAQABAoIBABZVROM5pCIa9qsuUxgvF3wXAktoAdahrRMjcnIstNQpQ9cT5Jyk5Sey3P9bLRQCjcj9sFuOUNksFa+nUGw6qKifVDI02eifZAN9CudMH+P/wu3e9rVtsRhOLNG/oz6+1CYbjam7N+FDSz5TFp018fCBoekctbofEVZ3BzJDaX+VrBn6TSBpzMzibDfnnfbkFkep+91okF9TTLIZ+Bjl/f1dVfbMZ6scs2rc7Slp52Od0HZ69gerc7l4IFxCiH2pMMbI6lRESYXlaf4j/mTJR/sFnDvbyET1UVU5paAhZ/TLGougAGzLtOEhlxLSjNv/5RfFIs1NPLW8iu68OgKL94ECgYEA6Ya6XBXydFof+aeHub7AlYdEA9qnQdqQR88AHlHcLIxkyNlVsPh+5/t0SrkJtrspBp233Ne9JTflQYk8/+wBE59NutnKJfzzV04ftm1bmW+gBHT36rZRW8WT2Kto73A9SLzhhQSp1a14ff9vULoRwQLtWpAANkqTCUD0Zwe4v+kCgYEA1zl7LSMmUpjjR1thITcfHnVtI+0U4ilqcDXUZzoaJsSQ4/oSr8Xc2EbF2KsxqPhq6HKOhINsPeN+iA1F0F3+oc32k4PI8NrQtIfLsVEvTQ2LuYsR4a8TNyGH/zk0i/XpRy632BrKcYp6iyb3qQgGMdjsK+PW6PChTa6TaopUpFECgYAWozHTlWkQcGAjImNc1Sn0FM26FesaziYoX9+iEMtoIh/u/Gp7IkujD1Qhnjhb117NvmJBbURvpDB8HuKj6GveTBYL4+rdrdyk/PTECWvUvuZjKDeUMCJI5ClF2q/sbhPyxiSScXZJOWyxwh43VCI+dJsvqT/sA2Sng/1tM2lsaQKBgGitkWZTuTjlGW3EWQpxp9YFoO6fSc/x+s3WsJcAYGXIpvvqzhnlr1MVoPaP1RhssnqZ9Q0oaoXzVsBPTExa2xTRewMmTp4unuGfRofYh5v/YZz9sdXFdCAVU/LjXNZR5YL0iwA1j48HnjB95Gi2+WRXMA7swsMK/jktFo/z9dTxAoGAYk2kwzCs7xwhsa3/xH5xJauvlclDqelC4R1cS2pzQI+MQIfjR4JccZ8xly7HMv+2D9vBModxo/msXGq3QJaAmDHzNhee2+OTuKcDLd7wlwSwqZ9EBvxHuLwI7/QZejw68iLHZWQMH57daNZL9X/8VwmF/C8tawAvXmflv+ra3Ec=
ca
MIIDtzCCAp+gAwIBAgIUWzVEE6ZzNUl6kwxJgrUgERqiDXkwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAyMB4XDTIyMDEwNDA0MzQxNloXDTQxMDkyMTA0MzQxNlowazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFSV37045EHSIKgQ+yofftUN/Ym1kv17rx1G92uepLHgw1Ar+Qvoq2w6La1k9tGZuMMYC8RmlqT+7S6Z5LP4AjKByW+1vX6zJPN6xmEnDFDd420MIqC56cqs3JyfJEybhVRdLCgGvz3uZ7dewKm+oiLECOGAST0jzMc5szzxtvkN5jyURUAaYhLqjlsqpS2XM79AsJIRQy/XsYux1wf42CFvS1Ves3N/aTbO5N6VA5h4KA1k+7/F1HlP+J1rB2dk7zsSnwvsGLvV1r5Eb5XP8DphKZ+xtJmANNo3NiNONxuV0T7HOXzrqgp2VDt9tXuJOClrEJEJJnAUJ7cYXtn8uQIDAQABo1MwUTAdBgNVHQ4EFgQUAZeJHIZu9VunYouyoHf/QODzbREwHwYDVR0jBBgwFoAUAZeJHIZu9VunYouyoHf/QODzbREwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAft9Mp/WpGdRF1sCzVG2r7SHxaxTGfWC+iZJBVZfFTJcthDawCW3xIfQb0RUrtGWTKBgpCp8GSCxFYPuri/nZn2vRbujn3woK2siXWS64bYDUOJ3xHvt3/j0PPGRfQ3faSXjdvtkE7ayLRKdb132rBd2k7oBqIZkM3ezvXg49KupJfOYTaqNezA4TTXaLFL+7BbY8IFPYHE+t66K68DNbypr3Q8pP2ZCHE3YLS3RG+Ql2EYSGABKNbeRcipONYPvtsiZt4k44vCDRUC5DXdC6C9KeEjrLp5ycJYgdT+YqD34Rd89u/yjgvlo3Bcv0mhEO1sS4jaG3IRkZZsCoUEFSvQ==
2022-10-17 09:24:44 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2022-10-17 09:24:44 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "p": "_a4hJlGIgqTgO5MjxTa4j4-rnui8ofinPAs2lh5D3YQEQfpVPrEYlv8eo_sPpwkeU1M-PXVT2U59Os56IiKzDhqdQgaIRbq6Si8fhPxPrI4ei-wXuihqF1QDbbAuXf7ZV8_Yx1XCPKadrRNa8TKZWO4vDR30EdDsjL2uhyxdcI8",
      "kty": "RSA",
      "q": "x4GpCUG5Kwo6xv6Wl5UWUuV817mccDDnWVSLqK7Msb58BSfcK7kLrdzSFxBuo_DoK4RYu5K34HbAIzoZuC4cRJXR5QDf6BKxuyyF0qMNrHWpoXSpQOXHR6UowPaNHKfa4pXhcRCj4yo47VkipXEm2tD9bdTB0ydVZTJXrRKw9IE",
      "d": "moWnAjS47_t0jdjYHaubEY3f0MI5lVKwZblDqbkKoYUVfguFTI55opUg6EUGJDX74SM1acfPRpe6P7V9Iet_PoGpunQ4TdD3H4yCetqLBniZPNDn8oeVKkhhj97v-GyLyAWumaEDntO0O566TGUL-a0GwrcfT63Z_A4e0-NCTNyrn-hyy5Ljlw17r9MehxwXhi6wZdZJnu7iPT2UJGYeO9R-qedE_UiBzPYsXCjXV6FrY4awDGvWAr4R24hkI9naj6hIcmJhL-34xh6_hWomFtCHtKkNRSVHjMcIP5HOeK4yUqlRssvr61xzDwxrtv32Tj5JCDFUCc-NM8YVYy3oAQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "conformancetest",
      "qi": "ZIgXA-QKu5WscOoA4paq3INWIFNf34tPa1I2MTe30_fLShaDwwF3F_CzUscVd1k7Mbn_VpuKfK2C5Vqupoyj7uyk1gm-iuWtJYcxTkE61udn5vRq4lnjNzxtQCjHm48ZRnVmpFCMrSbcb2oJMzWFH1aM2vyCwuMcrSckR7YVVUI",
      "dp": "HSWmtWpkzu32vaGYWI6DAiu1wlpnYgzZ2jJHoVP05DzI6HPE26EpfB_v-1NbZwvLKjPEUPdsHOnBxcH3knh-Lj6slut9ONXNlbx4WKVM2jyyEc2cpE0Ec425nx7BFRe1DTvaYnzeBm32a-5vYos3x1oGmfE5G9rvcvRQW0OjsM0",
      "alg": "PS256",
      "dq": "XyYfkCKgRT6jubRB7hlUhESevePwEDHCpIAF-3UiesL2Mx9HijK-tzTRnd5gZh_HGroL96mJuKvqBuL20ThskulBKY65Ot1vlm0thb_uDYowVKhm8GSmHi1Ounjb5AbKBbalxl7BSt4gOFKCi5TjiwiRVYhayHHB8HmKByka7AE",
      "n": "xbLYBJ3SXWsNcLG03ieLj3UcqOQa0z4KHgjDSIytAv9GgKotTJU9skUvXWLJJuHlAh1MjI9rBZenMuUTqvaHvxMxMpDn5sc2GOLxmoM_dJBAPKmLWhNPNlKAJCVDAWHGcydBNLu8_ZkGCKaXbLStWjPl2djokKNU7gJLGEdv_PaT8-DUKH65xJ7sAaEqgsaFjXUuK7eLQG3Dxd64CLpfiCl9szHZldQkV3t44zfdB9KdaZyWiHwqRUe0mdc4Nn3-QZ7PhfY1z2q0fxEetcMyjr_5RLDWgOltneNmxyrbaxNHUMuiSnroemaRXZMxLyx_c8rDL8YRZ5VXToQw2q4EDw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "conformancetest",
      "alg": "PS256",
      "n": "xbLYBJ3SXWsNcLG03ieLj3UcqOQa0z4KHgjDSIytAv9GgKotTJU9skUvXWLJJuHlAh1MjI9rBZenMuUTqvaHvxMxMpDn5sc2GOLxmoM_dJBAPKmLWhNPNlKAJCVDAWHGcydBNLu8_ZkGCKaXbLStWjPl2djokKNU7gJLGEdv_PaT8-DUKH65xJ7sAaEqgsaFjXUuK7eLQG3Dxd64CLpfiCl9szHZldQkV3t44zfdB9KdaZyWiHwqRUe0mdc4Nn3-QZ7PhfY1z2q0fxEetcMyjr_5RLDWgOltneNmxyrbaxNHUMuiSnroemaRXZMxLyx_c8rDL8YRZ5VXToQw2q4EDw"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2022-10-17 09:24:44 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-10-17 09:24:44 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "ES256",
  "PS256"
]
2022-10-17 09:24:44 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "p": "_a4hJlGIgqTgO5MjxTa4j4-rnui8ofinPAs2lh5D3YQEQfpVPrEYlv8eo_sPpwkeU1M-PXVT2U59Os56IiKzDhqdQgaIRbq6Si8fhPxPrI4ei-wXuihqF1QDbbAuXf7ZV8_Yx1XCPKadrRNa8TKZWO4vDR30EdDsjL2uhyxdcI8",
      "kty": "RSA",
      "q": "x4GpCUG5Kwo6xv6Wl5UWUuV817mccDDnWVSLqK7Msb58BSfcK7kLrdzSFxBuo_DoK4RYu5K34HbAIzoZuC4cRJXR5QDf6BKxuyyF0qMNrHWpoXSpQOXHR6UowPaNHKfa4pXhcRCj4yo47VkipXEm2tD9bdTB0ydVZTJXrRKw9IE",
      "d": "moWnAjS47_t0jdjYHaubEY3f0MI5lVKwZblDqbkKoYUVfguFTI55opUg6EUGJDX74SM1acfPRpe6P7V9Iet_PoGpunQ4TdD3H4yCetqLBniZPNDn8oeVKkhhj97v-GyLyAWumaEDntO0O566TGUL-a0GwrcfT63Z_A4e0-NCTNyrn-hyy5Ljlw17r9MehxwXhi6wZdZJnu7iPT2UJGYeO9R-qedE_UiBzPYsXCjXV6FrY4awDGvWAr4R24hkI9naj6hIcmJhL-34xh6_hWomFtCHtKkNRSVHjMcIP5HOeK4yUqlRssvr61xzDwxrtv32Tj5JCDFUCc-NM8YVYy3oAQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "conformancetest",
      "qi": "ZIgXA-QKu5WscOoA4paq3INWIFNf34tPa1I2MTe30_fLShaDwwF3F_CzUscVd1k7Mbn_VpuKfK2C5Vqupoyj7uyk1gm-iuWtJYcxTkE61udn5vRq4lnjNzxtQCjHm48ZRnVmpFCMrSbcb2oJMzWFH1aM2vyCwuMcrSckR7YVVUI",
      "dp": "HSWmtWpkzu32vaGYWI6DAiu1wlpnYgzZ2jJHoVP05DzI6HPE26EpfB_v-1NbZwvLKjPEUPdsHOnBxcH3knh-Lj6slut9ONXNlbx4WKVM2jyyEc2cpE0Ec425nx7BFRe1DTvaYnzeBm32a-5vYos3x1oGmfE5G9rvcvRQW0OjsM0",
      "alg": "PS256",
      "dq": "XyYfkCKgRT6jubRB7hlUhESevePwEDHCpIAF-3UiesL2Mx9HijK-tzTRnd5gZh_HGroL96mJuKvqBuL20ThskulBKY65Ot1vlm0thb_uDYowVKhm8GSmHi1Ounjb5AbKBbalxl7BSt4gOFKCi5TjiwiRVYhayHHB8HmKByka7AE",
      "n": "xbLYBJ3SXWsNcLG03ieLj3UcqOQa0z4KHgjDSIytAv9GgKotTJU9skUvXWLJJuHlAh1MjI9rBZenMuUTqvaHvxMxMpDn5sc2GOLxmoM_dJBAPKmLWhNPNlKAJCVDAWHGcydBNLu8_ZkGCKaXbLStWjPl2djokKNU7gJLGEdv_PaT8-DUKH65xJ7sAaEqgsaFjXUuK7eLQG3Dxd64CLpfiCl9szHZldQkV3t44zfdB9KdaZyWiHwqRUe0mdc4Nn3-QZ7PhfY1z2q0fxEetcMyjr_5RLDWgOltneNmxyrbaxNHUMuiSnroemaRXZMxLyx_c8rDL8YRZ5VXToQw2q4EDw"
    }
  ]
}
2022-10-17 09:24:44 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2022-10-17 09:24:44 SUCCESS
ValidateClientPrivateKeysAreDifferent
Client signing JWKs have different thumbprints
jwk1
{
  "p": "5POsvBfNiTqioCBLGaWsOQwTCPkGAECgCeWXqQykp6Cfbfoi1mvbRDAbNPjoLP88bOOt9v528Tpsi8ZuwQRn9XiK8IyyuxIrDaGBvfZCLCK513R8rX3gj-raer-FMaEIpr1bYCTOKBhyhcP46nTwfXNxTwfKFY7O0H8sWcBfF_M",
  "kty": "RSA",
  "q": "oqadQZ4jqFife7hlA2viAEGjJMu8ZRRIx15U19XKw4LbgHYAs3p965WO2lHJqkRUwD1YXZwqOcapUs2samp8JmoZ9j3OavwuRV7qW68_xV3W5xG8lV41RfKLX0c1ny7jJhPWOAbuJzjp3okjqy3hUBZ8Y2B25A2u8fxuhf7U3x0",
  "d": "Z-mgweEYkai9vr_dBYL0LaaHcfVv4D0X638cQIl99VNzZ8h3GqwtLC_zN6kx89S9C8nprfP2NvTegKxs-2bh-FN08k16zolcx6jEkZSgmUOhMLlpmB0qhHWOnYT047y-h9rQ9rZCVxIClJu5Whh8pa_Xlm3BDlbgJBEZSZAwbuWojQ3a-1J6Z8dP6aGqICUxOofz8z2KGxfQnCTmDIyfdCePmBlx7zdFvgq7SI9fDywkfo0ReBmVA4UX9DIbeR2nShZ53Q54rAPzbBLdwD3NzGeGN7Fk53PT3uYVBUq8nNzIwtdaeTRJ7_QxBBy769uG6I2yKIEE3hHldQT0hTs5AQ",
  "e": "AQAB",
  "use": "sig",
  "kid": "ristrettotest",
  "qi": "uzQHF2KOelrHJhOYBmoHkbiQqczkA3AQXOwAQME3P32dFJgOOB6QdCfrg1C2JTobx8Q3EVoko1j96QE2XCrWEBs9oW-4gg4CPGaU7BmVFt0lB88-ZD6E2N0byg2mekYtdGR3ifispEZHdIBP7TxW82in3fn-nB08YMqQAqqIGes",
  "dp": "UcoLBxapwkBEIFfo_DyHDcoWcrojPqvXgDGYwDdYCtoCmlMlZtwY9H8K-R2CM7DqcSvU1cuJyhtI85XrsuBUEwkA-XYJ03JmFvR_WNFESmgNY76lW4UAV-laK0eH2XbhlE9I-Uusqf4xyz97CKbF0ssOy2DI_HKLx0fnHBjw36k",
  "alg": "PS256",
  "dq": "KSaoYMKm2N_bMc0cWXpBCrmQki2ts5EnPLHEG3tuunpwGJdCZCZYl3MWWmwY7qgtHRooMj7hfA6kJlv9BEt-r6VmfiNzByRYfJqgBqRXKRMt3PZi1ROpvNG5q1hz25tcQvT_3Nr8BBZlLTVbPeL0v3OA8w-j5N0FZxnryKEJsI0",
  "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
}
jwk2
{
  "p": "_a4hJlGIgqTgO5MjxTa4j4-rnui8ofinPAs2lh5D3YQEQfpVPrEYlv8eo_sPpwkeU1M-PXVT2U59Os56IiKzDhqdQgaIRbq6Si8fhPxPrI4ei-wXuihqF1QDbbAuXf7ZV8_Yx1XCPKadrRNa8TKZWO4vDR30EdDsjL2uhyxdcI8",
  "kty": "RSA",
  "q": "x4GpCUG5Kwo6xv6Wl5UWUuV817mccDDnWVSLqK7Msb58BSfcK7kLrdzSFxBuo_DoK4RYu5K34HbAIzoZuC4cRJXR5QDf6BKxuyyF0qMNrHWpoXSpQOXHR6UowPaNHKfa4pXhcRCj4yo47VkipXEm2tD9bdTB0ydVZTJXrRKw9IE",
  "d": "moWnAjS47_t0jdjYHaubEY3f0MI5lVKwZblDqbkKoYUVfguFTI55opUg6EUGJDX74SM1acfPRpe6P7V9Iet_PoGpunQ4TdD3H4yCetqLBniZPNDn8oeVKkhhj97v-GyLyAWumaEDntO0O566TGUL-a0GwrcfT63Z_A4e0-NCTNyrn-hyy5Ljlw17r9MehxwXhi6wZdZJnu7iPT2UJGYeO9R-qedE_UiBzPYsXCjXV6FrY4awDGvWAr4R24hkI9naj6hIcmJhL-34xh6_hWomFtCHtKkNRSVHjMcIP5HOeK4yUqlRssvr61xzDwxrtv32Tj5JCDFUCc-NM8YVYy3oAQ",
  "e": "AQAB",
  "use": "sig",
  "kid": "conformancetest",
  "qi": "ZIgXA-QKu5WscOoA4paq3INWIFNf34tPa1I2MTe30_fLShaDwwF3F_CzUscVd1k7Mbn_VpuKfK2C5Vqupoyj7uyk1gm-iuWtJYcxTkE61udn5vRq4lnjNzxtQCjHm48ZRnVmpFCMrSbcb2oJMzWFH1aM2vyCwuMcrSckR7YVVUI",
  "dp": "HSWmtWpkzu32vaGYWI6DAiu1wlpnYgzZ2jJHoVP05DzI6HPE26EpfB_v-1NbZwvLKjPEUPdsHOnBxcH3knh-Lj6slut9ONXNlbx4WKVM2jyyEc2cpE0Ec425nx7BFRe1DTvaYnzeBm32a-5vYos3x1oGmfE5G9rvcvRQW0OjsM0",
  "alg": "PS256",
  "dq": "XyYfkCKgRT6jubRB7hlUhESevePwEDHCpIAF-3UiesL2Mx9HijK-tzTRnd5gZh_HGroL96mJuKvqBuL20ThskulBKY65Ot1vlm0thb_uDYowVKhm8GSmHi1Ounjb5AbKBbalxl7BSt4gOFKCi5TjiwiRVYhayHHB8HmKByka7AE",
  "n": "xbLYBJ3SXWsNcLG03ieLj3UcqOQa0z4KHgjDSIytAv9GgKotTJU9skUvXWLJJuHlAh1MjI9rBZenMuUTqvaHvxMxMpDn5sc2GOLxmoM_dJBAPKmLWhNPNlKAJCVDAWHGcydBNLu8_ZkGCKaXbLStWjPl2djokKNU7gJLGEdv_PaT8-DUKH65xJ7sAaEqgsaFjXUuK7eLQG3Dxd64CLpfiCl9szHZldQkV3t44zfdB9KdaZyWiHwqRUe0mdc4Nn3-QZ7PhfY1z2q0fxEetcMyjr_5RLDWgOltneNmxyrbaxNHUMuiSnroemaRXZMxLyx_c8rDL8YRZ5VXToQw2q4EDw"
}
2022-10-17 09:24:44 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/
resourceUrlAccountRequests
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/
resourceUrlAccountsResource
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/
2022-10-17 09:24:44 SUCCESS
SetProtectedResourceUrlToAccountsEndpoint
Set protected resource URL
protected_resource_url
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/accounts
2022-10-17 09:24:44 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 6443
}
2022-10-17 09:24:44 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 6443
}
accounts_request_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 6443
}
2022-10-17 09:24:44
fapi1-advanced-final-ensure-request-object-with-long-nonce
Setup Done
Use client_credentials grant to obtain OpenBanking UK intent_id
2022-10-17 09:24:44 SUCCESS
CreateTokenEndpointRequestForClientCredentialsGrant
Created token endpoint request
grant_type
client_credentials
scope
openid email
2022-10-17 09:24:44 SUCCESS
SetAccountScopeOnTokenEndpointRequest
Set scope parameter to accounts for OB testing
grant_type
client_credentials
scope
accounts
2022-10-17 09:24:44 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
client_ukob01
sub
client_ukob01
aud
https://isamfed.com:6443/isvaop/oauth2/token
jti
gBlhlgiBr9eyzwMQjKfV
iat
1665998684
exp
1665998744
2022-10-17 09:24:44 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJjbGllbnRfdWtvYjAxIiwiYXVkIjoiaHR0cHM6XC9cL2lzYW1mZWQuY29tOjY0NDNcL2lzdmFvcFwvb2F1dGgyXC90b2tlbiIsImlzcyI6ImNsaWVudF91a29iMDEiLCJleHAiOjE2NjU5OTg3NDQsImlhdCI6MTY2NTk5ODY4NCwianRpIjoiZ0JsaGxnaUJyOWV5endNUWpLZlYifQ.GnJ5A_RgabaOOcMLgVaWjJUDs1nQD1d37DKaQFNZH7f4vVpftG6wXkl7wY6xNrOPYaRKr1heVRaIO3uQkAqwOXDm5zdArYz73bIft-8H6NYRo2RDr7_FBeKp0jGIYvKahCz3_7L0QIiUv1tINjkfhUqUjIVX6ezxC6OV-krKkFBpwm-zt_DPlEseSchTPHAmQA9hyWlbbKeMUtxJpqykfKVAxQvFzTUVuUh430Q3oibdT9XeWTjQUwAyDYBoPtuKVhBfJSa_K6mSJ03Lb9LgUhSo0RuJWAPKr1UYIdvNFttmDqCG6UCHu652ZqmLEpDquzb_yenso1NiAhDqi7ZA6g
2022-10-17 09:24:44
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
client_credentials
scope
accounts
client_assertion
eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJjbGllbnRfdWtvYjAxIiwiYXVkIjoiaHR0cHM6XC9cL2lzYW1mZWQuY29tOjY0NDNcL2lzdmFvcFwvb2F1dGgyXC90b2tlbiIsImlzcyI6ImNsaWVudF91a29iMDEiLCJleHAiOjE2NjU5OTg3NDQsImlhdCI6MTY2NTk5ODY4NCwianRpIjoiZ0JsaGxnaUJyOWV5endNUWpLZlYifQ.GnJ5A_RgabaOOcMLgVaWjJUDs1nQD1d37DKaQFNZH7f4vVpftG6wXkl7wY6xNrOPYaRKr1heVRaIO3uQkAqwOXDm5zdArYz73bIft-8H6NYRo2RDr7_FBeKp0jGIYvKahCz3_7L0QIiUv1tINjkfhUqUjIVX6ezxC6OV-krKkFBpwm-zt_DPlEseSchTPHAmQA9hyWlbbKeMUtxJpqykfKVAxQvFzTUVuUh430Q3oibdT9XeWTjQUwAyDYBoPtuKVhBfJSa_K6mSJ03Lb9LgUhSo0RuJWAPKr1UYIdvNFttmDqCG6UCHu652ZqmLEpDquzb_yenso1NiAhDqi7ZA6g
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-10-17 09:24:44
CallTokenEndpoint
HTTP request
request_uri
https://isamfed.com:6443/isvaop/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "765"
}
request_body
grant_type=client_credentials&scope=accounts&client_assertion=eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJjbGllbnRfdWtvYjAxIiwiYXVkIjoiaHR0cHM6XC9cL2lzYW1mZWQuY29tOjY0NDNcL2lzdmFvcFwvb2F1dGgyXC90b2tlbiIsImlzcyI6ImNsaWVudF91a29iMDEiLCJleHAiOjE2NjU5OTg3NDQsImlhdCI6MTY2NTk5ODY4NCwianRpIjoiZ0JsaGxnaUJyOWV5endNUWpLZlYifQ.GnJ5A_RgabaOOcMLgVaWjJUDs1nQD1d37DKaQFNZH7f4vVpftG6wXkl7wY6xNrOPYaRKr1heVRaIO3uQkAqwOXDm5zdArYz73bIft-8H6NYRo2RDr7_FBeKp0jGIYvKahCz3_7L0QIiUv1tINjkfhUqUjIVX6ezxC6OV-krKkFBpwm-zt_DPlEseSchTPHAmQA9hyWlbbKeMUtxJpqykfKVAxQvFzTUVuUh430Q3oibdT9XeWTjQUwAyDYBoPtuKVhBfJSa_K6mSJ03Lb9LgUhSo0RuJWAPKr1UYIdvNFttmDqCG6UCHu652ZqmLEpDquzb_yenso1NiAhDqi7ZA6g&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d",
  "key": "MIIEpAIBAAKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABAoIBAEOmr/MnPlWdb41vtTyC9q5XB6sB6JR3fABUARhHj6MMTzWGZU9k2TE4TVWm0xiDPSXAwVADrWnJePlZq0RdRd3MX9iO5daQPZnAEX3Iin9t44jHrZSmClEH6D4b0ur5osgLnMx2R/I3L+lPJfrd/fjpt1lMxjAHCz7Jb7INTnLMjBl8Lji9witoeQseo2+SRLanNckCw9t2/WkqlpyTUnVg6icB9QLAh0ASE/zlMdFMYlo1llfxToRpZKQuE0zTXtvMqfkutqSUb8hLSBTYuMHOh8aycMB//JgiAMwrHVSVcRn2oMqnk5vm08i/sLK8TT8AGAf8Evn0GJJ88kKHvqECgYEA2Xnd/4+98ZiEnLbkgRPVX7pWVa2ZqCAZ4Cf75cv+IlQ3crJniX0IEOpFS71fF8/Ei7DIAELe9zeopQvkUdfzMlC7Rg5AuhJzRIL+FaUFlLJOMz+S7eqiLeabclYGIbZrX+n8Xic01oQxRipgV1XMKj+D3MROUoRCWNMS1Xqghe0CgYEAxQbFsTjipyvk6ZvrpucqAZ1IVIGiVELGMlUEGmyJ8CgXd3gwmU88RahmwBes0GNzm5hws9J+C/S/zt6gu1pP1g/lEpx4/yxg6MZk8AQEk3VG63Tg2rEzjEIQsz0fTXbO1AVSJvEuReB8VCgQEKNYMxrqdHXvpSFHOhQLbvebODkCgYEAgK7e0IjCkQF5fq2t+j69JD7DNUFayaPtC7k9EVWqk6+Xe7PbFfy42CF3TYDJkvJqz2mUfqsS+d+iV774pAEPM3eXyLVIUZH3SNPl+vLBoaH8KdD1ZPhQbK6mznneePZTBNcUcLXsSv6/lVAf362x+FHK+cfivGrsQ1jqLQ25jGUCgYBVrLY2dDgK3YlzE/wK3aZkgVI8fQprfYXVySY5n0z0A1sA9mCbqdrZp3rWuPTKwRQ6arVHXJa2+DyX5jMahREGUm8YAraSr2eMkQi/Xd/nhy3JoU9NiZSSvv+oEUIVWz5g79djW6j1dcJajfk+Yuktf9zHu6jzs17XoHPAUydJ8QKBgQCreujKz7G5EEXkwdEqFFolM9A8ZMB2k3t6FaM4P/lEUs+nFkxYz2+rxI4HMCE0UOCw58ukQjNmXJhumAAB0HIC28gFVuk8FXPRI46ZRQ4uuqQcSCr3/0yPSrJe3uU+IC74iHff9XHmwiHwcpmgsDclyg4Ga5eCf1XNKmZLtu/4Xg\u003d\u003d",
  "ca": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d"
}
2022-10-17 09:24:45 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "208",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Mon, 17 Oct 2022 09:24:45 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-3cd82d08-6eb7-49b6-98e1-4fa269bdef3c",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_GwnmvZHeVA3lUpbBFlrYpjYG4CJ7I2DFV8No-yM48nK2Z0K2; Path\u003d/; Secure; HttpOnly"
}
response_body
{"access_token":"w_35R7QDXWVZAZFauI9QmkyuK1QIPNrkZ-UjgW2gIQQ.BGgmv-w7qD5ezCCocrfwTiC3Anq5QS5b2OUyiOfWrKQUDd6Rr-loc5n8BWx5js4OJLqeVk-th5ghTJNTeglDNA","expires_in":7199,"scope":"accounts","token_type":"bearer"}
2022-10-17 09:24:45 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
w_35R7QDXWVZAZFauI9QmkyuK1QIPNrkZ-UjgW2gIQQ.BGgmv-w7qD5ezCCocrfwTiC3Anq5QS5b2OUyiOfWrKQUDd6Rr-loc5n8BWx5js4OJLqeVk-th5ghTJNTeglDNA
expires_in
7199
scope
accounts
token_type
bearer
2022-10-17 09:24:45 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-10-17 09:24:45 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
w_35R7QDXWVZAZFauI9QmkyuK1QIPNrkZ-UjgW2gIQQ.BGgmv-w7qD5ezCCocrfwTiC3Anq5QS5b2OUyiOfWrKQUDd6Rr-loc5n8BWx5js4OJLqeVk-th5ghTJNTeglDNA
2022-10-17 09:24:45 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
w_35R7QDXWVZAZFauI9QmkyuK1QIPNrkZ-UjgW2gIQQ.BGgmv-w7qD5ezCCocrfwTiC3Anq5QS5b2OUyiOfWrKQUDd6Rr-loc5n8BWx5js4OJLqeVk-th5ghTJNTeglDNA
type
bearer
2022-10-17 09:24:45 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-10-17 09:24:45 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-10-17 09:24:45
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2022-10-17 09:24:45 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Mon, 17 Oct 2022 09:24:45 GMT"
}
2022-10-17 09:24:45 SUCCESS
CreateCreateAccountRequestRequest
account_requests_endpoint_request
{
  "Data": {
    "Permissions": [
      "ReadAccountsBasic"
    ]
  },
  "Risk": {}
}
2022-10-17 09:24:45
CallAccountRequestsEndpointWithBearerToken
Found '/v3.' in the resource url, using OB V3 API 'account-access-consents'
resource_endpoint
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/
2022-10-17 09:24:45
CallAccountRequestsEndpointWithBearerToken
HTTP request
request_uri
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/account-access-consents
request_method
POST
request_headers
{
  "accept": "application/json",
  "x-fapi-auth-date": "Mon, 17 Oct 2022 09:24:45 GMT",
  "content-type": "application/json",
  "authorization": "Bearer w_35R7QDXWVZAZFauI9QmkyuK1QIPNrkZ-UjgW2gIQQ.BGgmv-w7qD5ezCCocrfwTiC3Anq5QS5b2OUyiOfWrKQUDd6Rr-loc5n8BWx5js4OJLqeVk-th5ghTJNTeglDNA",
  "content-length": "56"
}
request_body
{"Data":{"Permissions":["ReadAccountsBasic"]},"Risk":{}}
request_mutual_tls
{
  "cert": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d",
  "key": "MIIEpAIBAAKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABAoIBAEOmr/MnPlWdb41vtTyC9q5XB6sB6JR3fABUARhHj6MMTzWGZU9k2TE4TVWm0xiDPSXAwVADrWnJePlZq0RdRd3MX9iO5daQPZnAEX3Iin9t44jHrZSmClEH6D4b0ur5osgLnMx2R/I3L+lPJfrd/fjpt1lMxjAHCz7Jb7INTnLMjBl8Lji9witoeQseo2+SRLanNckCw9t2/WkqlpyTUnVg6icB9QLAh0ASE/zlMdFMYlo1llfxToRpZKQuE0zTXtvMqfkutqSUb8hLSBTYuMHOh8aycMB//JgiAMwrHVSVcRn2oMqnk5vm08i/sLK8TT8AGAf8Evn0GJJ88kKHvqECgYEA2Xnd/4+98ZiEnLbkgRPVX7pWVa2ZqCAZ4Cf75cv+IlQ3crJniX0IEOpFS71fF8/Ei7DIAELe9zeopQvkUdfzMlC7Rg5AuhJzRIL+FaUFlLJOMz+S7eqiLeabclYGIbZrX+n8Xic01oQxRipgV1XMKj+D3MROUoRCWNMS1Xqghe0CgYEAxQbFsTjipyvk6ZvrpucqAZ1IVIGiVELGMlUEGmyJ8CgXd3gwmU88RahmwBes0GNzm5hws9J+C/S/zt6gu1pP1g/lEpx4/yxg6MZk8AQEk3VG63Tg2rEzjEIQsz0fTXbO1AVSJvEuReB8VCgQEKNYMxrqdHXvpSFHOhQLbvebODkCgYEAgK7e0IjCkQF5fq2t+j69JD7DNUFayaPtC7k9EVWqk6+Xe7PbFfy42CF3TYDJkvJqz2mUfqsS+d+iV774pAEPM3eXyLVIUZH3SNPl+vLBoaH8KdD1ZPhQbK6mznneePZTBNcUcLXsSv6/lVAf362x+FHK+cfivGrsQ1jqLQ25jGUCgYBVrLY2dDgK3YlzE/wK3aZkgVI8fQprfYXVySY5n0z0A1sA9mCbqdrZp3rWuPTKwRQ6arVHXJa2+DyX5jMahREGUm8YAraSr2eMkQi/Xd/nhy3JoU9NiZSSvv+oEUIVWz5g79djW6j1dcJajfk+Yuktf9zHu6jzs17XoHPAUydJ8QKBgQCreujKz7G5EEXkwdEqFFolM9A8ZMB2k3t6FaM4P/lEUs+nFkxYz2+rxI4HMCE0UOCw58ukQjNmXJhumAAB0HIC28gFVuk8FXPRI46ZRQ4uuqQcSCr3/0yPSrJe3uU+IC74iHff9XHmwiHwcpmgsDclyg4Ga5eCf1XNKmZLtu/4Xg\u003d\u003d",
  "ca": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d"
}
2022-10-17 09:24:48 RESPONSE
CallAccountRequestsEndpointWithBearerToken
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "content-length": "276",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Mon, 17 Oct 2022 09:24:48 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-fe6a2920-31c0-4824-81c3-77624829d141",
  "x-fapi-interaction-id": "47c51ac0-2bfd-4042-a9b1-ca5ce7edcfb4",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_TJ0U1cWsxF-40JAPbic+Pb9QRG76y-hm3t24Mp7Vctlgj-10; Path\u003d/; Secure; HttpOnly"
}
response_body
{"Data":{"Permissions":["ReadAccountsBasic"],"ConsentId":"client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38","Status":"AwaitingAuthorisation","CreationDateTime":"2022-10-17T09:24:48+07:00","StatusUpdateDateTime":"2022-10-17T09:24:48+07:00"},"Meta":{"TotalPages":1},"Risk":{}}
2022-10-17 09:24:48
CallAccountRequestsEndpointWithBearerToken
Account requests endpoint response
account_requests_endpoint_response
{"Data":{"Permissions":["ReadAccountsBasic"],"ConsentId":"client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38","Status":"AwaitingAuthorisation","CreationDateTime":"2022-10-17T09:24:48+07:00","StatusUpdateDateTime":"2022-10-17T09:24:48+07:00"},"Meta":{"TotalPages":1},"Risk":{}}
2022-10-17 09:24:48 SUCCESS
CallAccountRequestsEndpointWithBearerToken
Parsed account requests endpoint response
headers
{
  "content-length": "276",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Mon, 17 Oct 2022 09:24:48 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-fe6a2920-31c0-4824-81c3-77624829d141",
  "x-fapi-interaction-id": "47c51ac0-2bfd-4042-a9b1-ca5ce7edcfb4",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_TJ0U1cWsxF-40JAPbic+Pb9QRG76y-hm3t24Mp7Vctlgj-10; Path\u003d/; Secure; HttpOnly"
}
body
{"Data":{"Permissions":["ReadAccountsBasic"],"ConsentId":"client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38","Status":"AwaitingAuthorisation","CreationDateTime":"2022-10-17T09:24:48+07:00","StatusUpdateDateTime":"2022-10-17T09:24:48+07:00"},"Meta":{"TotalPages":1},"Risk":{}}
2022-10-17 09:24:48 SUCCESS
CheckIfAccountRequestsEndpointResponseError
No error from account requests endpoint
2022-10-17 09:24:48 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
47c51ac0-2bfd-4042-a9b1-ca5ce7edcfb4
2022-10-17 09:24:48 SUCCESS
ExtractAccountRequestIdFromAccountRequestsEndpointResponse
Extracted the account request ID
account_request_id
client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38
Make request to authorization endpoint
2022-10-17 09:24:48 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
client_ukob01
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
scope
openid email
2022-10-17 09:24:48 SUCCESS
AddAccountRequestIdToAuthorizationEndpointRequest
Added openbanking_intent_id claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "client_ukob01",
  "redirect_uri": "https://www.certification.openid.net/test/a/ISVAOP/callback",
  "scope": "openid email",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
        "essential": true
      }
    }
  }
}
2022-10-17 09:24:48 SUCCESS
OpenBankingUkAddMultipleAcrClaimsToAuthorizationEndpointRequest
Added acr to request as an essential id_token claim
authorization_endpoint_request
{
  "client_id": "client_ukob01",
  "redirect_uri": "https://www.certification.openid.net/test/a/ISVAOP/callback",
  "scope": "openid email",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  }
}
2022-10-17 09:24:48
CreateRandomStateValue
Created state value
requested_state_length
10
state
iC0gTaQsPN
2022-10-17 09:24:48 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
client_ukob01
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
scope
openid email
claims
{
  "id_token": {
    "openbanking_intent_id": {
      "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
      "essential": true
    },
    "acr": {
      "values": [
        "urn:openbanking:psd2:sca",
        "urn:openbanking:psd2:ca"
      ],
      "essential": true
    }
  }
}
state
iC0gTaQsPN
2022-10-17 09:24:48
CreateRandomNonceValue
Created nonce value
requested_nonce_length
384
nonce
DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc
2022-10-17 09:24:48 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
client_ukob01
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
scope
openid email
claims
{
  "id_token": {
    "openbanking_intent_id": {
      "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
      "essential": true
    },
    "acr": {
      "values": [
        "urn:openbanking:psd2:sca",
        "urn:openbanking:psd2:ca"
      ],
      "essential": true
    }
  }
}
state
iC0gTaQsPN
nonce
DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc
2022-10-17 09:24:48 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken
Added response_type parameter to request
client_id
client_ukob01
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
scope
openid email
claims
{
  "id_token": {
    "openbanking_intent_id": {
      "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
      "essential": true
    },
    "acr": {
      "values": [
        "urn:openbanking:psd2:sca",
        "urn:openbanking:psd2:ca"
      ],
      "essential": true
    }
  }
}
state
iC0gTaQsPN
nonce
DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc
response_type
code id_token
2022-10-17 09:24:48 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "client_ukob01",
  "redirect_uri": "https://www.certification.openid.net/test/a/ISVAOP/callback",
  "scope": "openid email",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  },
  "state": "iC0gTaQsPN",
  "nonce": "DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc",
  "response_type": "code id_token"
}
2022-10-17 09:24:48 SUCCESS
AddNbfToRequestObject
Added nbf to request object claims
nbf
1.665998688E9
2022-10-17 09:24:48 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.665998988E9
2022-10-17 09:24:48 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://isamfed.com:6443/isvaop/oauth2
2022-10-17 09:24:48 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
client_ukob01
2022-10-17 09:24:48 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
client_ukob01
2022-10-17 09:24:48 SUCCESS
SignRequestObject
Signed the request object
claims
{
  "aud": "https://isamfed.com:6443/isvaop/oauth2",
  "nbf": 1665998688,
  "scope": "openid email",
  "claims": {
    "id_token": {
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      },
      "openbanking_intent_id": {
        "value": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
        "essential": true
      }
    }
  },
  "iss": "client_ukob01",
  "response_type": "code id_token",
  "redirect_uri": "https://www.certification.openid.net/test/a/ISVAOP/callback",
  "state": "iC0gTaQsPN",
  "exp": 1665998988,
  "nonce": "DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc",
  "client_id": "client_ukob01"
}
header
{
  "kid": "ristrettotest",
  "alg": "PS256"
}
request_object
eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvaXNhbWZlZC5jb206NjQ0M1wvaXN2YW9wXC9vYXV0aDIiLCJuYmYiOjE2NjU5OTg2ODgsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZXMiOlsidXJuOm9wZW5iYW5raW5nOnBzZDI6c2NhIiwidXJuOm9wZW5iYW5raW5nOnBzZDI6Y2EiXSwiZXNzZW50aWFsIjp0cnVlfSwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjp7InZhbHVlIjoiY2xpZW50X3Vrb2IwMS45MjZhZmMxMS1mNzllLTQ5YjEtOTRmZS0xYTA5NTJiYzNjMzgiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6ImNsaWVudF91a29iMDEiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9JU1ZBT1BcL2NhbGxiYWNrIiwic3RhdGUiOiJpQzBnVGFRc1BOIiwiZXhwIjoxNjY1OTk4OTg4LCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsImNsaWVudF9pZCI6ImNsaWVudF91a29iMDEifQ.XhpkYzbxnpDmZeJ52RfrLrvmGb1j8QMXGPvkMr_HHMN_y6e6bXolnp0vw3BWLzYK1eUTPNhsQ8LABdagAdjZI7Mg3tkSJSCDsOVB3WvdbKRxt6tHslEJqBTnX-ZcvnvzJSX3XWnt7sUt0LtzOE87Azq5nLXjl1xkNHgpHb2jpldOs3RzwedNqwC4lQfHR-yhuiB8vswDhbTynMqT_tsksr-2nLxTUWfvXThLIM5N3dyLoLm3bLW_M_recq6mv0gdhYk8stbhdvx95acw1jV8fUEO3lSP20E5ZiNy81V5uHv8wO2VzS2_zCMtKsX-5OJfdJlNJcTmWkt3zCB1-vypWw
key
{
  "p": "5POsvBfNiTqioCBLGaWsOQwTCPkGAECgCeWXqQykp6Cfbfoi1mvbRDAbNPjoLP88bOOt9v528Tpsi8ZuwQRn9XiK8IyyuxIrDaGBvfZCLCK513R8rX3gj-raer-FMaEIpr1bYCTOKBhyhcP46nTwfXNxTwfKFY7O0H8sWcBfF_M",
  "kty": "RSA",
  "q": "oqadQZ4jqFife7hlA2viAEGjJMu8ZRRIx15U19XKw4LbgHYAs3p965WO2lHJqkRUwD1YXZwqOcapUs2samp8JmoZ9j3OavwuRV7qW68_xV3W5xG8lV41RfKLX0c1ny7jJhPWOAbuJzjp3okjqy3hUBZ8Y2B25A2u8fxuhf7U3x0",
  "d": "Z-mgweEYkai9vr_dBYL0LaaHcfVv4D0X638cQIl99VNzZ8h3GqwtLC_zN6kx89S9C8nprfP2NvTegKxs-2bh-FN08k16zolcx6jEkZSgmUOhMLlpmB0qhHWOnYT047y-h9rQ9rZCVxIClJu5Whh8pa_Xlm3BDlbgJBEZSZAwbuWojQ3a-1J6Z8dP6aGqICUxOofz8z2KGxfQnCTmDIyfdCePmBlx7zdFvgq7SI9fDywkfo0ReBmVA4UX9DIbeR2nShZ53Q54rAPzbBLdwD3NzGeGN7Fk53PT3uYVBUq8nNzIwtdaeTRJ7_QxBBy769uG6I2yKIEE3hHldQT0hTs5AQ",
  "e": "AQAB",
  "use": "sig",
  "kid": "ristrettotest",
  "qi": "uzQHF2KOelrHJhOYBmoHkbiQqczkA3AQXOwAQME3P32dFJgOOB6QdCfrg1C2JTobx8Q3EVoko1j96QE2XCrWEBs9oW-4gg4CPGaU7BmVFt0lB88-ZD6E2N0byg2mekYtdGR3ifispEZHdIBP7TxW82in3fn-nB08YMqQAqqIGes",
  "dp": "UcoLBxapwkBEIFfo_DyHDcoWcrojPqvXgDGYwDdYCtoCmlMlZtwY9H8K-R2CM7DqcSvU1cuJyhtI85XrsuBUEwkA-XYJ03JmFvR_WNFESmgNY76lW4UAV-laK0eH2XbhlE9I-Uusqf4xyz97CKbF0ssOy2DI_HKLx0fnHBjw36k",
  "alg": "PS256",
  "dq": "KSaoYMKm2N_bMc0cWXpBCrmQki2ts5EnPLHEG3tuunpwGJdCZCZYl3MWWmwY7qgtHRooMj7hfA6kJlv9BEt-r6VmfiNzByRYfJqgBqRXKRMt3PZi1ROpvNG5q1hz25tcQvT_3Nr8BBZlLTVbPeL0v3OA8w-j5N0FZxnryKEJsI0",
  "n": "kXc19SlD_vUPcIA9Rf43Nd2kyvaPmsF8_BnwmX3N8svnIFlpAcSMeDKRGjpSZpOaVnrHyTeq19CFoTgRt1DT5mUJp9JmsXSZumMbcQBzCiwQvBO988nFCiZAJedAyo05PpuFQgIP0kQInEAevcduDeRWedE7pdb1TGMGnsLl7C3A7KdNBzU0sYooA04OYUGtJAdGaja-tSkZpHUAit7ywS2cBOx5UuNc2_oqWDoE7S_RfxYqouoIV36o0nR_IukvhpdGQ3aX8JVXHSdiuAgOmu3v3X6JKem20f2rt8-mKG0kqBLIYbYHErTwPtaXbs2H6vtRECrTSPlRIbh_j95jhw"
}
2022-10-17 09:24:48 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://isamfed.com:6443/isvaop/oauth2/authorize?request=eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvaXNhbWZlZC5jb206NjQ0M1wvaXN2YW9wXC9vYXV0aDIiLCJuYmYiOjE2NjU5OTg2ODgsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZXMiOlsidXJuOm9wZW5iYW5raW5nOnBzZDI6c2NhIiwidXJuOm9wZW5iYW5raW5nOnBzZDI6Y2EiXSwiZXNzZW50aWFsIjp0cnVlfSwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjp7InZhbHVlIjoiY2xpZW50X3Vrb2IwMS45MjZhZmMxMS1mNzllLTQ5YjEtOTRmZS0xYTA5NTJiYzNjMzgiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6ImNsaWVudF91a29iMDEiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9JU1ZBT1BcL2NhbGxiYWNrIiwic3RhdGUiOiJpQzBnVGFRc1BOIiwiZXhwIjoxNjY1OTk4OTg4LCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsImNsaWVudF9pZCI6ImNsaWVudF91a29iMDEifQ.XhpkYzbxnpDmZeJ52RfrLrvmGb1j8QMXGPvkMr_HHMN_y6e6bXolnp0vw3BWLzYK1eUTPNhsQ8LABdagAdjZI7Mg3tkSJSCDsOVB3WvdbKRxt6tHslEJqBTnX-ZcvnvzJSX3XWnt7sUt0LtzOE87Azq5nLXjl1xkNHgpHb2jpldOs3RzwedNqwC4lQfHR-yhuiB8vswDhbTynMqT_tsksr-2nLxTUWfvXThLIM5N3dyLoLm3bLW_M_recq6mv0gdhYk8stbhdvx95acw1jV8fUEO3lSP20E5ZiNy81V5uHv8wO2VzS2_zCMtKsX-5OJfdJlNJcTmWkt3zCB1-vypWw&client_id=client_ukob01&redirect_uri=https://www.certification.openid.net/test/a/ISVAOP/callback&scope=openid%20email&response_type=code%20id_token
2022-10-17 09:24:48 REDIRECT
fapi1-advanced-final-ensure-request-object-with-long-nonce
Redirecting to authorization endpoint
redirect_to
https://isamfed.com:6443/isvaop/oauth2/authorize?request=eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvaXNhbWZlZC5jb206NjQ0M1wvaXN2YW9wXC9vYXV0aDIiLCJuYmYiOjE2NjU5OTg2ODgsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZXMiOlsidXJuOm9wZW5iYW5raW5nOnBzZDI6c2NhIiwidXJuOm9wZW5iYW5raW5nOnBzZDI6Y2EiXSwiZXNzZW50aWFsIjp0cnVlfSwib3BlbmJhbmtpbmdfaW50ZW50X2lkIjp7InZhbHVlIjoiY2xpZW50X3Vrb2IwMS45MjZhZmMxMS1mNzllLTQ5YjEtOTRmZS0xYTA5NTJiYzNjMzgiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6ImNsaWVudF91a29iMDEiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9JU1ZBT1BcL2NhbGxiYWNrIiwic3RhdGUiOiJpQzBnVGFRc1BOIiwiZXhwIjoxNjY1OTk4OTg4LCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsImNsaWVudF9pZCI6ImNsaWVudF91a29iMDEifQ.XhpkYzbxnpDmZeJ52RfrLrvmGb1j8QMXGPvkMr_HHMN_y6e6bXolnp0vw3BWLzYK1eUTPNhsQ8LABdagAdjZI7Mg3tkSJSCDsOVB3WvdbKRxt6tHslEJqBTnX-ZcvnvzJSX3XWnt7sUt0LtzOE87Azq5nLXjl1xkNHgpHb2jpldOs3RzwedNqwC4lQfHR-yhuiB8vswDhbTynMqT_tsksr-2nLxTUWfvXThLIM5N3dyLoLm3bLW_M_recq6mv0gdhYk8stbhdvx95acw1jV8fUEO3lSP20E5ZiNy81V5uHv8wO2VzS2_zCMtKsX-5OJfdJlNJcTmWkt3zCB1-vypWw&client_id=client_ukob01&redirect_uri=https://www.certification.openid.net/test/a/ISVAOP/callback&scope=openid%20email&response_type=code%20id_token
2022-10-17 09:24:48 REVIEW
ExpectRequestObjectWithLongNonceErrorPage
If the server does not return an invalid_request error back to the client, it must show an error page (saying server rejects long nonce at authorization endpoint - upload a screenshot of the error page) or must successfully authenticate and return the nonce correctly.
image_no_longer_required
true
2022-10-17 09:24:58 INCOMING
fapi1-advanced-final-ensure-request-object-with-long-nonce
Incoming HTTP request to /test/a/ISVAOP/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,*/*;q\u003d0.8",
  "accept-language": "en,fr;q\u003d0.8,et;q\u003d0.5,en-US;q\u003d0.3",
  "accept-encoding": "gzip, deflate, br",
  "referer": "https://isamfed.com:6443/",
  "cookie": "__utma\u003d201319536.734078888.1579071622.1665495005.1665619380.47; __utmz\u003d201319536.1660655184.40.23.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; _ga\u003dGA1.2.734078888.1579071622; JSESSIONID\u003dE4A71C0427A072DDA46C3AA210D26FBB",
  "upgrade-insecure-requests": "1",
  "sec-fetch-dest": "document",
  "sec-fetch-mode": "navigate",
  "sec-fetch-site": "cross-site",
  "sec-fetch-user": "?1",
  "connection": "close"
}
incoming_path
/test/a/ISVAOP/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-10-17 09:24:58 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/NbQD9nQWVOPyV9kz6TZf",
  "fullUrl": "https://www.certification.openid.net/test/a/ISVAOP/implicit/NbQD9nQWVOPyV9kz6TZf"
}
2022-10-17 09:24:58 OUTGOING
fapi1-advanced-final-ensure-request-object-with-long-nonce
Response to HTTP request to test instance KmhvT1rgPIoE7a6
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/ISVAOP/implicit/NbQD9nQWVOPyV9kz6TZf, returnUrl=/log-detail.html?log=KmhvT1rgPIoE7a6}]
outgoing_path
callback
2022-10-17 09:24:59 INCOMING
fapi1-advanced-final-ensure-request-object-with-long-nonce
Incoming HTTP request to /test/a/ISVAOP/implicit/NbQD9nQWVOPyV9kz6TZf
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0",
  "accept": "*/*",
  "accept-language": "en,fr;q\u003d0.8,et;q\u003d0.5,en-US;q\u003d0.3",
  "accept-encoding": "gzip, deflate, br",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "origin": "https://www.certification.openid.net",
  "referer": "https://www.certification.openid.net/test/a/ISVAOP/callback",
  "cookie": "__utma\u003d201319536.734078888.1579071622.1665495005.1665619380.47; __utmz\u003d201319536.1660655184.40.23.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; _ga\u003dGA1.2.734078888.1579071622; JSESSIONID\u003dE4A71C0427A072DDA46C3AA210D26FBB",
  "sec-fetch-dest": "empty",
  "sec-fetch-mode": "cors",
  "sec-fetch-site": "same-origin",
  "connection": "close",
  "content-length": "1651"
}
incoming_path
/test/a/ISVAOP/implicit/NbQD9nQWVOPyV9kz6TZf
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#code=YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA&id_token=eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw&state=iC0gTaQsPN
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-10-17 09:24:59 OUTGOING
fapi1-advanced-final-ensure-request-object-with-long-nonce
Response to HTTP request to test instance KmhvT1rgPIoE7a6
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/NbQD9nQWVOPyV9kz6TZf
2022-10-17 09:24:59
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw"
  },
  {
    "name": "state",
    "value": "iC0gTaQsPN"
  }
]
2022-10-17 09:24:59 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw
state
iC0gTaQsPN
2022-10-17 09:24:59 REDIRECT-IN
fapi1-advanced-final-ensure-request-object-with-long-nonce
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,*/*;q\u003d0.8",
  "accept-language": "en,fr;q\u003d0.8,et;q\u003d0.5,en-US;q\u003d0.3",
  "accept-encoding": "gzip, deflate, br",
  "referer": "https://isamfed.com:6443/",
  "cookie": "__utma\u003d201319536.734078888.1579071622.1665495005.1665619380.47; __utmz\u003d201319536.1660655184.40.23.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; _ga\u003dGA1.2.734078888.1579071622; JSESSIONID\u003dE4A71C0427A072DDA46C3AA210D26FBB",
  "upgrade-insecure-requests": "1",
  "sec-fetch-dest": "document",
  "sec-fetch-mode": "navigate",
  "sec-fetch-site": "cross-site",
  "sec-fetch-user": "?1",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA",
  "id_token": "eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw",
  "state": "iC0gTaQsPN"
}
post_body
Verify authorization endpoint response
2022-10-17 09:24:59 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-10-17 09:24:59 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-10-17 09:24:59 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-10-17 09:24:59 SUCCESS
RejectStateInUrlQueryForHybridFlow
state is correctly not present in URL query returned from authorization endpoint (as in the hybrid flow it must be returned in the URL fragment/hash only)
2022-10-17 09:24:59 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-10-17 09:24:59 SUCCESS
ValidateSuccessfulHybridResponseFromAuthorizationEndpoint
authorization endpoint response does not include unexpected parameters
code
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw
state
iC0gTaQsPN
2022-10-17 09:24:59 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
iC0gTaQsPN
2022-10-17 09:24:59
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2022-10-17 09:24:59 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
2022-10-17 09:24:59 SUCCESS
EnsureMinimumAuthorizationCodeLength
Authorization code is of sufficient length
actual
1040
required
128
2022-10-17 09:24:59 SUCCESS
EnsureMinimumAuthorizationCodeEntropy
Calculated shannon entropy seems sufficient
actual
734.3652222123737
expected
96.0
value
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
2022-10-17 09:24:59 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw
header
{
  "kid": "httpserverkey",
  "typ": "JWT",
  "alg": "PS256"
}
claims
{
  "sub": "clientcertuser",
  "email_verified": true,
  "rat": 1665998693,
  "iss": "https://isamfed.com:6443/isvaop/oauth2",
  "nonce": "DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc",
  "acr": "urn:openbanking:psd2:ca",
  "aud": "client_ukob01",
  "c_hash": "uQPAalJT-Z9rB4H9QC7SSw",
  "openbanking_intent_id": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
  "s_hash": "dPfRLjaY2_r1Z8OIYho0xg",
  "auth_time": 1665998698,
  "exp": 1666002298,
  "iat": 1665998698,
  "jti": "fa364703-5ed9-4c8d-8aa2-ab2877ed29a2"
}
2022-10-17 09:24:59 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-10-17 09:24:59
ValidateIdTokenStandardClaims
sub is a string with content
2022-10-17 09:24:59
ValidateIdTokenStandardClaims
email_verified is a boolean
2022-10-17 09:24:59
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-10-17 09:24:59
ValidateIdTokenStandardClaims
Skipping unknown claim: openbanking_intent_id
2022-10-17 09:24:59 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-10-17 09:24:59 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc
2022-10-17 09:24:59 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:openbanking:psd2:ca
requested
[
  "urn:openbanking:psd2:sca",
  "urn:openbanking:psd2:ca"
]
2022-10-17 09:24:59 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw
2022-10-17 09:24:59 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF1ZCI6WyJjbGllbnRfdWtvYjAxIl0sImF1dGhfdGltZSI6MTY2NTk5ODY5OCwiY19oYXNoIjoidVFQQWFsSlQtWjlyQjRIOVFDN1NTdyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2NjYwMDIyOTgsImlhdCI6MTY2NTk5ODY5OCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo2NDQzL2lzdmFvcC9vYXV0aDIiLCJqdGkiOiJmYTM2NDcwMy01ZWQ5LTRjOGQtOGFhMi1hYjI4NzdlZDI5YTIiLCJub25jZSI6IkRxcFN2ZWxOTEkwRWVXaW96bk1HZENtNGdDcTVtdHgzTUVDWkNhUUQ4Tk1YQVpyclpNUUxuTGJCTzJndkJ1cmgzNnM5TFI4QVNrT3pLNk5nWndYSXFhQmV4bDRQNVduZHZJamM5M1NsYzNmOUhhalFiYjU5cUFXVTVHWnNwVVVkdFpGUzBLQ0k4QmxhUEgyb1JJTFVLMDgzbVZZbFg3WlZWbEtySTFlSG9nNGNWRmtnWnR1VEZ4MDVDazZQWkU3VFZjWGp1dUJ2OHVmZFZQeUlidVBOVmhlVVVnc0ZWZUc2UFJoTkdBZjhFa0gzd0NYd0RDdEZLYjdWcmtMbnd3c1dFdUhvWG5IQU1pYzYwUzNQZDVPUzE0Vk5kYlRzNmk1U255MUhvWldKQzF6YjUxQjkxaEhwZEYyS3hTMmVYaVdoeGd4NDRaSUVTbTBZSUhEaHMzRU90NGFzNEVEZzBZYkhPWDFrYXFMb1RYOTh2aEFjMFd4SXZkT1gxT05NT29tYyIsIm9wZW5iYW5raW5nX2ludGVudF9pZCI6ImNsaWVudF91a29iMDEuOTI2YWZjMTEtZjc5ZS00OWIxLTk0ZmUtMWEwOTUyYmMzYzM4IiwicmF0IjoxNjY1OTk4NjkzLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.tKAGb4c0RpBbuKM1xefEUWoWgqG7FumROxeY0HQqNJPDgPetncP2Ra8ytpNP6ZsvQZebIjlcuEm62RD_YRISeLrkTz_CkuBF6Xiaq3ABNTsIFWLGEoxvEhXoNVM16vmXOVSdAsSSnIKk6UCb3H-AycF8D64wZIHLLTjEXA57KA6N-e1yVj3bFqtQ5bTbP6aSUrqaXzmGHFsKZUKA8tq15hXf80hz6C_xdFZO1Z2d6J_FSl29bxq-Al9965kXk0d7SFDtHr_Ws0qPtdPZV2mgtH1Nzf7rvCc9f3tB-pca9JYuK0i2B-11gtUSiDDD5pe_cOwAEZYsQqzX1eyjFVC-gw
2022-10-17 09:24:59 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
clientcertuser
2022-10-17 09:24:59
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-10-17 09:24:59 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-10-17 09:24:59 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
httpserverkey
2022-10-17 09:24:59 SUCCESS
OBValidateIdTokenIntentId
openbanking_intent_id passed all validation checks
2022-10-17 09:24:59 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
permitted
[
  "ES256",
  "PS256"
]
alg
PS256
2022-10-17 09:24:59 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-10-17 09:24:59 SUCCESS
ExtractSHash
Extracted s_hash from ID Token
s_hash
dPfRLjaY2_r1Z8OIYho0xg
alg
PS256
2022-10-17 09:24:59 SUCCESS
ValidateSHash
s_hash validated successfully
expected_hash
dPfRLjaY2_r1Z8OIYho0xg
unhashed_value
iC0gTaQsPN
id_token_hash
dPfRLjaY2_r1Z8OIYho0xg
2022-10-17 09:24:59 SUCCESS
ExtractCHash
Extracted c_hash from ID Token
c_hash
uQPAalJT-Z9rB4H9QC7SSw
alg
PS256
2022-10-17 09:24:59 SUCCESS
ValidateCHash
c_hash validated successfully
expected_hash
uQPAalJT-Z9rB4H9QC7SSw
unhashed_value
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
id_token_hash
uQPAalJT-Z9rB4H9QC7SSw
Call token endpoint
2022-10-17 09:24:59 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
2022-10-17 09:24:59 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
client_ukob01
sub
client_ukob01
aud
https://isamfed.com:6443/isvaop/oauth2/token
jti
NZDqZ8U5M4Vq1qKg7hJ3
iat
1665998699
exp
1665998759
2022-10-17 09:24:59 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJjbGllbnRfdWtvYjAxIiwiYXVkIjoiaHR0cHM6XC9cL2lzYW1mZWQuY29tOjY0NDNcL2lzdmFvcFwvb2F1dGgyXC90b2tlbiIsImlzcyI6ImNsaWVudF91a29iMDEiLCJleHAiOjE2NjU5OTg3NTksImlhdCI6MTY2NTk5ODY5OSwianRpIjoiTlpEcVo4VTVNNFZxMXFLZzdoSjMifQ.ZuzR8Yy39XezLh5m0a039dgZq3lQihkZQRCxN3SRX7Ds9occlAYMhqG5_pwuogXHnfK0Kp9HGvoWOkafJzeGptyphZD0_YMUUZLvgAJMprlP_h8OyM1CU5pddCpwxZjeW28SkMNp9c__YuvBXss9YqeaKhah0-Rlpd5Xoe7r0tv6kfCJqv_zPPfpLVNUmnLEeQm9dkNGcFg0KU8cRZfq7B2vn7zrVsfki-ulJLPgvDT4jFxcTSoLV0AvlhDu0cijXPMqPJxhL0WijHimWTflnHS3DBTDpCOD5Flyx4fGH8pQi4I4ZsEpyJ35m3J_DlCaVFAO5ogpU-0AYXMmegl7cg
2022-10-17 09:24:59
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA
redirect_uri
https://www.certification.openid.net/test/a/ISVAOP/callback
client_assertion
eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJjbGllbnRfdWtvYjAxIiwiYXVkIjoiaHR0cHM6XC9cL2lzYW1mZWQuY29tOjY0NDNcL2lzdmFvcFwvb2F1dGgyXC90b2tlbiIsImlzcyI6ImNsaWVudF91a29iMDEiLCJleHAiOjE2NjU5OTg3NTksImlhdCI6MTY2NTk5ODY5OSwianRpIjoiTlpEcVo4VTVNNFZxMXFLZzdoSjMifQ.ZuzR8Yy39XezLh5m0a039dgZq3lQihkZQRCxN3SRX7Ds9occlAYMhqG5_pwuogXHnfK0Kp9HGvoWOkafJzeGptyphZD0_YMUUZLvgAJMprlP_h8OyM1CU5pddCpwxZjeW28SkMNp9c__YuvBXss9YqeaKhah0-Rlpd5Xoe7r0tv6kfCJqv_zPPfpLVNUmnLEeQm9dkNGcFg0KU8cRZfq7B2vn7zrVsfki-ulJLPgvDT4jFxcTSoLV0AvlhDu0cijXPMqPJxhL0WijHimWTflnHS3DBTDpCOD5Flyx4fGH8pQi4I4ZsEpyJ35m3J_DlCaVFAO5ogpU-0AYXMmegl7cg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-10-17 09:24:59
CallTokenEndpoint
HTTP request
request_uri
https://isamfed.com:6443/isvaop/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "973"
}
request_body
grant_type=authorization_code&code=YsMp4OQsP4rEwSOOGlLjU9KVFVoFAt4CVbldz5PK_5Y.UuV5SQwC-fiF2zBxPdR63bTva_Uc-OM0BJWnCZdkQnzxbUXUPetTToFu0BlfJ7yZEmhazLS4Wmd-FEWRRx3VUA&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2FISVAOP%2Fcallback&client_assertion=eyJraWQiOiJyaXN0cmV0dG90ZXN0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJjbGllbnRfdWtvYjAxIiwiYXVkIjoiaHR0cHM6XC9cL2lzYW1mZWQuY29tOjY0NDNcL2lzdmFvcFwvb2F1dGgyXC90b2tlbiIsImlzcyI6ImNsaWVudF91a29iMDEiLCJleHAiOjE2NjU5OTg3NTksImlhdCI6MTY2NTk5ODY5OSwianRpIjoiTlpEcVo4VTVNNFZxMXFLZzdoSjMifQ.ZuzR8Yy39XezLh5m0a039dgZq3lQihkZQRCxN3SRX7Ds9occlAYMhqG5_pwuogXHnfK0Kp9HGvoWOkafJzeGptyphZD0_YMUUZLvgAJMprlP_h8OyM1CU5pddCpwxZjeW28SkMNp9c__YuvBXss9YqeaKhah0-Rlpd5Xoe7r0tv6kfCJqv_zPPfpLVNUmnLEeQm9dkNGcFg0KU8cRZfq7B2vn7zrVsfki-ulJLPgvDT4jFxcTSoLV0AvlhDu0cijXPMqPJxhL0WijHimWTflnHS3DBTDpCOD5Flyx4fGH8pQi4I4ZsEpyJ35m3J_DlCaVFAO5ogpU-0AYXMmegl7cg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d",
  "key": "MIIEpAIBAAKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABAoIBAEOmr/MnPlWdb41vtTyC9q5XB6sB6JR3fABUARhHj6MMTzWGZU9k2TE4TVWm0xiDPSXAwVADrWnJePlZq0RdRd3MX9iO5daQPZnAEX3Iin9t44jHrZSmClEH6D4b0ur5osgLnMx2R/I3L+lPJfrd/fjpt1lMxjAHCz7Jb7INTnLMjBl8Lji9witoeQseo2+SRLanNckCw9t2/WkqlpyTUnVg6icB9QLAh0ASE/zlMdFMYlo1llfxToRpZKQuE0zTXtvMqfkutqSUb8hLSBTYuMHOh8aycMB//JgiAMwrHVSVcRn2oMqnk5vm08i/sLK8TT8AGAf8Evn0GJJ88kKHvqECgYEA2Xnd/4+98ZiEnLbkgRPVX7pWVa2ZqCAZ4Cf75cv+IlQ3crJniX0IEOpFS71fF8/Ei7DIAELe9zeopQvkUdfzMlC7Rg5AuhJzRIL+FaUFlLJOMz+S7eqiLeabclYGIbZrX+n8Xic01oQxRipgV1XMKj+D3MROUoRCWNMS1Xqghe0CgYEAxQbFsTjipyvk6ZvrpucqAZ1IVIGiVELGMlUEGmyJ8CgXd3gwmU88RahmwBes0GNzm5hws9J+C/S/zt6gu1pP1g/lEpx4/yxg6MZk8AQEk3VG63Tg2rEzjEIQsz0fTXbO1AVSJvEuReB8VCgQEKNYMxrqdHXvpSFHOhQLbvebODkCgYEAgK7e0IjCkQF5fq2t+j69JD7DNUFayaPtC7k9EVWqk6+Xe7PbFfy42CF3TYDJkvJqz2mUfqsS+d+iV774pAEPM3eXyLVIUZH3SNPl+vLBoaH8KdD1ZPhQbK6mznneePZTBNcUcLXsSv6/lVAf362x+FHK+cfivGrsQ1jqLQ25jGUCgYBVrLY2dDgK3YlzE/wK3aZkgVI8fQprfYXVySY5n0z0A1sA9mCbqdrZp3rWuPTKwRQ6arVHXJa2+DyX5jMahREGUm8YAraSr2eMkQi/Xd/nhy3JoU9NiZSSvv+oEUIVWz5g79djW6j1dcJajfk+Yuktf9zHu6jzs17XoHPAUydJ8QKBgQCreujKz7G5EEXkwdEqFFolM9A8ZMB2k3t6FaM4P/lEUs+nFkxYz2+rxI4HMCE0UOCw58ukQjNmXJhumAAB0HIC28gFVuk8FXPRI46ZRQ4uuqQcSCr3/0yPSrJe3uU+IC74iHff9XHmwiHwcpmgsDclyg4Ga5eCf1XNKmZLtu/4Xg\u003d\u003d",
  "ca": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d"
}
2022-10-17 09:25:00 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "1911",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Mon, 17 Oct 2022 09:25:00 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-a93d0bc8-91ac-4d25-a7a7-b85e41d37851",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_fkmg0+HTZNAEbzgZwD-I1BAGQWMdso17mx-jMbWmrHZeeamE; Path\u003d/; Secure; HttpOnly"
}
response_body
{"access_token":"hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg","expires_in":7199,"id_token":"eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF0X2hhc2giOiJRUWdCWUg1UGpDTUtOeWxjMUg4dWxBIiwiYXVkIjpbImNsaWVudF91a29iMDEiXSwiYXV0aF90aW1lIjoxNjY1OTk4NzAwLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY2MDAyMzAwLCJpYXQiOjE2NjU5OTg3MDAsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206NjQ0My9pc3Zhb3Avb2F1dGgyIiwianRpIjoiZDI3NTY0YzItZDVjOS00NTY2LWJmMGUtMGY3MTEwYjM5NjY1Iiwibm9uY2UiOiJEcXBTdmVsTkxJMEVlV2lvem5NR2RDbTRnQ3E1bXR4M01FQ1pDYVFEOE5NWEFacnJaTVFMbkxiQk8yZ3ZCdXJoMzZzOUxSOEFTa096SzZOZ1p3WElxYUJleGw0UDVXbmR2SWpjOTNTbGMzZjlIYWpRYmI1OXFBV1U1R1pzcFVVZHRaRlMwS0NJOEJsYVBIMm9SSUxVSzA4M21WWWxYN1pWVmxLckkxZUhvZzRjVkZrZ1p0dVRGeDA1Q2s2UFpFN1RWY1hqdXVCdjh1ZmRWUHlJYnVQTlZoZVVVZ3NGVmVHNlBSaE5HQWY4RWtIM3dDWHdEQ3RGS2I3VnJrTG53d3NXRXVIb1huSEFNaWM2MFMzUGQ1T1MxNFZOZGJUczZpNVNueTFIb1pXSkMxemI1MUI5MWhIcGRGMkt4UzJlWGlXaHhneDQ0WklFU20wWUlIRGhzM0VPdDRhczRFRGcwWWJIT1gxa2FxTG9UWDk4dmhBYzBXeEl2ZE9YMU9OTU9vbWMiLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiJjbGllbnRfdWtvYjAxLjkyNmFmYzExLWY3OWUtNDliMS05NGZlLTFhMDk1MmJjM2MzOCIsInJhdCI6MTY2NTk5ODY5MywicnRfaGFzaCI6IlB0bU5vMm1fZjczRkpnUVA5aU91ZWciLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.dadjQI-OzkbXXnPLCN4mtaObTaU5jUrtClWDUks0qBGrgvLjoPbq-HVM7NCsjwdm6Rbq_RsLPlrXymg0Y2n6ChogMdBpvbMY-NT_XRSElOW7qQ3irAqskQkjePUHNI6V1rG-RBds_feeNqWPKEgg4E-0phpCEGRJ6TXHEcJOhF4oq-L-ve7VYRqypIOGjHUZS56bXxRk6p7EXckToO5lbZvi8fHCPz9DtlT4oUt5ELog7UY3yg6T5_0LyujLLyeYybNzhh78P9t03Pk1L42wRdUjcRx8SYD1wwWz-INPw8ZkHGoy4iUZKN97aQhPB1VMCZ6NtDt3NHOEtx-H4iHNRw","refresh_token":"7eqFWLo6otGs090ffdoDqKFvOmWnlkdaNvKzyOXhXXQ.ohvKixqKy-jmUstQFBuEbJD5-DGBDaTQDB94PBYyTvTgUOXOK-EbSfnqDfLXumMdyTRKBUeUXXk6nE6avvq_cw","scope":"openid email","token_type":"bearer"}
2022-10-17 09:25:00 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg
expires_in
7199
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF0X2hhc2giOiJRUWdCWUg1UGpDTUtOeWxjMUg4dWxBIiwiYXVkIjpbImNsaWVudF91a29iMDEiXSwiYXV0aF90aW1lIjoxNjY1OTk4NzAwLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY2MDAyMzAwLCJpYXQiOjE2NjU5OTg3MDAsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206NjQ0My9pc3Zhb3Avb2F1dGgyIiwianRpIjoiZDI3NTY0YzItZDVjOS00NTY2LWJmMGUtMGY3MTEwYjM5NjY1Iiwibm9uY2UiOiJEcXBTdmVsTkxJMEVlV2lvem5NR2RDbTRnQ3E1bXR4M01FQ1pDYVFEOE5NWEFacnJaTVFMbkxiQk8yZ3ZCdXJoMzZzOUxSOEFTa096SzZOZ1p3WElxYUJleGw0UDVXbmR2SWpjOTNTbGMzZjlIYWpRYmI1OXFBV1U1R1pzcFVVZHRaRlMwS0NJOEJsYVBIMm9SSUxVSzA4M21WWWxYN1pWVmxLckkxZUhvZzRjVkZrZ1p0dVRGeDA1Q2s2UFpFN1RWY1hqdXVCdjh1ZmRWUHlJYnVQTlZoZVVVZ3NGVmVHNlBSaE5HQWY4RWtIM3dDWHdEQ3RGS2I3VnJrTG53d3NXRXVIb1huSEFNaWM2MFMzUGQ1T1MxNFZOZGJUczZpNVNueTFIb1pXSkMxemI1MUI5MWhIcGRGMkt4UzJlWGlXaHhneDQ0WklFU20wWUlIRGhzM0VPdDRhczRFRGcwWWJIT1gxa2FxTG9UWDk4dmhBYzBXeEl2ZE9YMU9OTU9vbWMiLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiJjbGllbnRfdWtvYjAxLjkyNmFmYzExLWY3OWUtNDliMS05NGZlLTFhMDk1MmJjM2MzOCIsInJhdCI6MTY2NTk5ODY5MywicnRfaGFzaCI6IlB0bU5vMm1fZjczRkpnUVA5aU91ZWciLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.dadjQI-OzkbXXnPLCN4mtaObTaU5jUrtClWDUks0qBGrgvLjoPbq-HVM7NCsjwdm6Rbq_RsLPlrXymg0Y2n6ChogMdBpvbMY-NT_XRSElOW7qQ3irAqskQkjePUHNI6V1rG-RBds_feeNqWPKEgg4E-0phpCEGRJ6TXHEcJOhF4oq-L-ve7VYRqypIOGjHUZS56bXxRk6p7EXckToO5lbZvi8fHCPz9DtlT4oUt5ELog7UY3yg6T5_0LyujLLyeYybNzhh78P9t03Pk1L42wRdUjcRx8SYD1wwWz-INPw8ZkHGoy4iUZKN97aQhPB1VMCZ6NtDt3NHOEtx-H4iHNRw
refresh_token
7eqFWLo6otGs090ffdoDqKFvOmWnlkdaNvKzyOXhXXQ.ohvKixqKy-jmUstQFBuEbJD5-DGBDaTQDB94PBYyTvTgUOXOK-EbSfnqDfLXumMdyTRKBUeUXXk6nE6avvq_cw
scope
openid email
token_type
bearer
Verify token endpoint response
2022-10-17 09:25:00 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-10-17 09:25:00 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg
2022-10-17 09:25:00 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg
type
bearer
2022-10-17 09:25:00 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-10-17 09:25:00 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-10-17 09:25:00 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
7eqFWLo6otGs090ffdoDqKFvOmWnlkdaNvKzyOXhXXQ.ohvKixqKy-jmUstQFBuEbJD5-DGBDaTQDB94PBYyTvTgUOXOK-EbSfnqDfLXumMdyTRKBUeUXXk6nE6avvq_cw
2022-10-17 09:25:00 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1040
required
128
2022-10-17 09:25:00 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
708.7137377579703
expected
96.0
value
7eqFWLo6otGs090ffdoDqKFvOmWnlkdaNvKzyOXhXXQ.ohvKixqKy-jmUstQFBuEbJD5-DGBDaTQDB94PBYyTvTgUOXOK-EbSfnqDfLXumMdyTRKBUeUXXk6nE6avvq_cw
2022-10-17 09:25:00 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
1040
required
128
2022-10-17 09:25:00 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
724.8785347943508
expected
96.0
value
hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg
2022-10-17 09:25:00 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF0X2hhc2giOiJRUWdCWUg1UGpDTUtOeWxjMUg4dWxBIiwiYXVkIjpbImNsaWVudF91a29iMDEiXSwiYXV0aF90aW1lIjoxNjY1OTk4NzAwLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY2MDAyMzAwLCJpYXQiOjE2NjU5OTg3MDAsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206NjQ0My9pc3Zhb3Avb2F1dGgyIiwianRpIjoiZDI3NTY0YzItZDVjOS00NTY2LWJmMGUtMGY3MTEwYjM5NjY1Iiwibm9uY2UiOiJEcXBTdmVsTkxJMEVlV2lvem5NR2RDbTRnQ3E1bXR4M01FQ1pDYVFEOE5NWEFacnJaTVFMbkxiQk8yZ3ZCdXJoMzZzOUxSOEFTa096SzZOZ1p3WElxYUJleGw0UDVXbmR2SWpjOTNTbGMzZjlIYWpRYmI1OXFBV1U1R1pzcFVVZHRaRlMwS0NJOEJsYVBIMm9SSUxVSzA4M21WWWxYN1pWVmxLckkxZUhvZzRjVkZrZ1p0dVRGeDA1Q2s2UFpFN1RWY1hqdXVCdjh1ZmRWUHlJYnVQTlZoZVVVZ3NGVmVHNlBSaE5HQWY4RWtIM3dDWHdEQ3RGS2I3VnJrTG53d3NXRXVIb1huSEFNaWM2MFMzUGQ1T1MxNFZOZGJUczZpNVNueTFIb1pXSkMxemI1MUI5MWhIcGRGMkt4UzJlWGlXaHhneDQ0WklFU20wWUlIRGhzM0VPdDRhczRFRGcwWWJIT1gxa2FxTG9UWDk4dmhBYzBXeEl2ZE9YMU9OTU9vbWMiLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiJjbGllbnRfdWtvYjAxLjkyNmFmYzExLWY3OWUtNDliMS05NGZlLTFhMDk1MmJjM2MzOCIsInJhdCI6MTY2NTk5ODY5MywicnRfaGFzaCI6IlB0bU5vMm1fZjczRkpnUVA5aU91ZWciLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.dadjQI-OzkbXXnPLCN4mtaObTaU5jUrtClWDUks0qBGrgvLjoPbq-HVM7NCsjwdm6Rbq_RsLPlrXymg0Y2n6ChogMdBpvbMY-NT_XRSElOW7qQ3irAqskQkjePUHNI6V1rG-RBds_feeNqWPKEgg4E-0phpCEGRJ6TXHEcJOhF4oq-L-ve7VYRqypIOGjHUZS56bXxRk6p7EXckToO5lbZvi8fHCPz9DtlT4oUt5ELog7UY3yg6T5_0LyujLLyeYybNzhh78P9t03Pk1L42wRdUjcRx8SYD1wwWz-INPw8ZkHGoy4iUZKN97aQhPB1VMCZ6NtDt3NHOEtx-H4iHNRw
header
{
  "kid": "httpserverkey",
  "typ": "JWT",
  "alg": "PS256"
}
claims
{
  "at_hash": "QQgBYH5PjCMKNylc1H8ulA",
  "sub": "clientcertuser",
  "email_verified": true,
  "rat": 1665998693,
  "iss": "https://isamfed.com:6443/isvaop/oauth2",
  "nonce": "DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc",
  "rt_hash": "PtmNo2m_f73FJgQP9iOueg",
  "acr": "urn:openbanking:psd2:ca",
  "aud": "client_ukob01",
  "openbanking_intent_id": "client_ukob01.926afc11-f79e-49b1-94fe-1a0952bc3c38",
  "s_hash": "dPfRLjaY2_r1Z8OIYho0xg",
  "auth_time": 1665998700,
  "exp": 1666002300,
  "iat": 1665998700,
  "jti": "d27564c2-d5c9-4566-bf0e-0f7110b39665"
}
2022-10-17 09:25:00 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-10-17 09:25:00
ValidateIdTokenStandardClaims
sub is a string with content
2022-10-17 09:25:00
ValidateIdTokenStandardClaims
email_verified is a boolean
2022-10-17 09:25:00
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-10-17 09:25:00
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-10-17 09:25:00
ValidateIdTokenStandardClaims
Skipping unknown claim: openbanking_intent_id
2022-10-17 09:25:00 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-10-17 09:25:00 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
DqpSvelNLI0EeWioznMGdCm4gCq5mtx3MECZCaQD8NMXAZrrZMQLnLbBO2gvBurh36s9LR8ASkOzK6NgZwXIqaBexl4P5WndvIjc93Slc3f9HajQbb59qAWU5GZspUUdtZFS0KCI8BlaPH2oRILUK083mVYlX7ZVVlKrI1eHog4cVFkgZtuTFx05Ck6PZE7TVcXjuuBv8ufdVPyIbuPNVheUUgsFVeG6PRhNGAf8EkH3wCXwDCtFKb7VrkLnwwsWEuHoXnHAMic60S3Pd5OS14VNdbTs6i5Sny1HoZWJC1zb51B91hHpdF2KxS2eXiWhxgx44ZIESm0YIHDhs3EOt4as4EDg0YbHOX1kaqLoTX98vhAc0WxIvdOX1ONMOomc
2022-10-17 09:25:00 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:openbanking:psd2:ca
requested
[
  "urn:openbanking:psd2:sca",
  "urn:openbanking:psd2:ca"
]
2022-10-17 09:25:00 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF0X2hhc2giOiJRUWdCWUg1UGpDTUtOeWxjMUg4dWxBIiwiYXVkIjpbImNsaWVudF91a29iMDEiXSwiYXV0aF90aW1lIjoxNjY1OTk4NzAwLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY2MDAyMzAwLCJpYXQiOjE2NjU5OTg3MDAsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206NjQ0My9pc3Zhb3Avb2F1dGgyIiwianRpIjoiZDI3NTY0YzItZDVjOS00NTY2LWJmMGUtMGY3MTEwYjM5NjY1Iiwibm9uY2UiOiJEcXBTdmVsTkxJMEVlV2lvem5NR2RDbTRnQ3E1bXR4M01FQ1pDYVFEOE5NWEFacnJaTVFMbkxiQk8yZ3ZCdXJoMzZzOUxSOEFTa096SzZOZ1p3WElxYUJleGw0UDVXbmR2SWpjOTNTbGMzZjlIYWpRYmI1OXFBV1U1R1pzcFVVZHRaRlMwS0NJOEJsYVBIMm9SSUxVSzA4M21WWWxYN1pWVmxLckkxZUhvZzRjVkZrZ1p0dVRGeDA1Q2s2UFpFN1RWY1hqdXVCdjh1ZmRWUHlJYnVQTlZoZVVVZ3NGVmVHNlBSaE5HQWY4RWtIM3dDWHdEQ3RGS2I3VnJrTG53d3NXRXVIb1huSEFNaWM2MFMzUGQ1T1MxNFZOZGJUczZpNVNueTFIb1pXSkMxemI1MUI5MWhIcGRGMkt4UzJlWGlXaHhneDQ0WklFU20wWUlIRGhzM0VPdDRhczRFRGcwWWJIT1gxa2FxTG9UWDk4dmhBYzBXeEl2ZE9YMU9OTU9vbWMiLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiJjbGllbnRfdWtvYjAxLjkyNmFmYzExLWY3OWUtNDliMS05NGZlLTFhMDk1MmJjM2MzOCIsInJhdCI6MTY2NTk5ODY5MywicnRfaGFzaCI6IlB0bU5vMm1fZjczRkpnUVA5aU91ZWciLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.dadjQI-OzkbXXnPLCN4mtaObTaU5jUrtClWDUks0qBGrgvLjoPbq-HVM7NCsjwdm6Rbq_RsLPlrXymg0Y2n6ChogMdBpvbMY-NT_XRSElOW7qQ3irAqskQkjePUHNI6V1rG-RBds_feeNqWPKEgg4E-0phpCEGRJ6TXHEcJOhF4oq-L-ve7VYRqypIOGjHUZS56bXxRk6p7EXckToO5lbZvi8fHCPz9DtlT4oUt5ELog7UY3yg6T5_0LyujLLyeYybNzhh78P9t03Pk1L42wRdUjcRx8SYD1wwWz-INPw8ZkHGoy4iUZKN97aQhPB1VMCZ6NtDt3NHOEtx-H4iHNRw
2022-10-17 09:25:00 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJQUzI1NiIsImtpZCI6Imh0dHBzZXJ2ZXJrZXkiLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSIsImF0X2hhc2giOiJRUWdCWUg1UGpDTUtOeWxjMUg4dWxBIiwiYXVkIjpbImNsaWVudF91a29iMDEiXSwiYXV0aF90aW1lIjoxNjY1OTk4NzAwLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY2MDAyMzAwLCJpYXQiOjE2NjU5OTg3MDAsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206NjQ0My9pc3Zhb3Avb2F1dGgyIiwianRpIjoiZDI3NTY0YzItZDVjOS00NTY2LWJmMGUtMGY3MTEwYjM5NjY1Iiwibm9uY2UiOiJEcXBTdmVsTkxJMEVlV2lvem5NR2RDbTRnQ3E1bXR4M01FQ1pDYVFEOE5NWEFacnJaTVFMbkxiQk8yZ3ZCdXJoMzZzOUxSOEFTa096SzZOZ1p3WElxYUJleGw0UDVXbmR2SWpjOTNTbGMzZjlIYWpRYmI1OXFBV1U1R1pzcFVVZHRaRlMwS0NJOEJsYVBIMm9SSUxVSzA4M21WWWxYN1pWVmxLckkxZUhvZzRjVkZrZ1p0dVRGeDA1Q2s2UFpFN1RWY1hqdXVCdjh1ZmRWUHlJYnVQTlZoZVVVZ3NGVmVHNlBSaE5HQWY4RWtIM3dDWHdEQ3RGS2I3VnJrTG53d3NXRXVIb1huSEFNaWM2MFMzUGQ1T1MxNFZOZGJUczZpNVNueTFIb1pXSkMxemI1MUI5MWhIcGRGMkt4UzJlWGlXaHhneDQ0WklFU20wWUlIRGhzM0VPdDRhczRFRGcwWWJIT1gxa2FxTG9UWDk4dmhBYzBXeEl2ZE9YMU9OTU9vbWMiLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiJjbGllbnRfdWtvYjAxLjkyNmFmYzExLWY3OWUtNDliMS05NGZlLTFhMDk1MmJjM2MzOCIsInJhdCI6MTY2NTk5ODY5MywicnRfaGFzaCI6IlB0bU5vMm1fZjczRkpnUVA5aU91ZWciLCJzX2hhc2giOiJkUGZSTGphWTJfcjFaOE9JWWhvMHhnIiwic3ViIjoiY2xpZW50Y2VydHVzZXIifQ.dadjQI-OzkbXXnPLCN4mtaObTaU5jUrtClWDUks0qBGrgvLjoPbq-HVM7NCsjwdm6Rbq_RsLPlrXymg0Y2n6ChogMdBpvbMY-NT_XRSElOW7qQ3irAqskQkjePUHNI6V1rG-RBds_feeNqWPKEgg4E-0phpCEGRJ6TXHEcJOhF4oq-L-ve7VYRqypIOGjHUZS56bXxRk6p7EXckToO5lbZvi8fHCPz9DtlT4oUt5ELog7UY3yg6T5_0LyujLLyeYybNzhh78P9t03Pk1L42wRdUjcRx8SYD1wwWz-INPw8ZkHGoy4iUZKN97aQhPB1VMCZ6NtDt3NHOEtx-H4iHNRw
2022-10-17 09:25:00 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
clientcertuser
2022-10-17 09:25:00
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-10-17 09:25:00 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-10-17 09:25:00 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
httpserverkey
2022-10-17 09:25:00 SUCCESS
OBValidateIdTokenIntentId
openbanking_intent_id passed all validation checks
2022-10-17 09:25:00 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
permitted
[
  "ES256",
  "PS256"
]
alg
PS256
2022-10-17 09:25:00 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-10-17 09:25:00 INFO
ExtractCHash
Couldn't find c_hash in ID token
2022-10-17 09:25:00 SUCCESS
ExtractSHash
Extracted s_hash from ID Token
s_hash
dPfRLjaY2_r1Z8OIYho0xg
alg
PS256
2022-10-17 09:25:00 SUCCESS
ExtractAtHash
Extracted at_hash from ID Token
at_hash
QQgBYH5PjCMKNylc1H8ulA
alg
PS256
2022-10-17 09:25:00 INFO
ValidateCHash
Skipped evaluation due to missing required object: c_hash
expected
c_hash
mapped
2022-10-17 09:25:00 SUCCESS
ValidateSHash
s_hash validated successfully
expected_hash
dPfRLjaY2_r1Z8OIYho0xg
unhashed_value
iC0gTaQsPN
id_token_hash
dPfRLjaY2_r1Z8OIYho0xg
2022-10-17 09:25:00 SUCCESS
ValidateAtHash
at_hash validated successfully
expected_hash
QQgBYH5PjCMKNylc1H8ulA
unhashed_value
hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg
id_token_hash
QQgBYH5PjCMKNylc1H8ulA
Verify at_hash in the authorization endpoint id_token
2022-10-17 09:25:00 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2022-10-17 09:25:00 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Resource server endpoint tests
2022-10-17 09:25:00
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2022-10-17 09:25:00 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Mon, 17 Oct 2022 09:25:00 GMT"
}
2022-10-17 09:25:00
AddIpV4FapiCustomerIpAddressToResourceEndpointRequest
Added x-fapi-customer-ip-address containing IPv4 address to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Mon, 17 Oct 2022 09:25:00 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119"
}
2022-10-17 09:25:00
CreateRandomFAPIInteractionId
Created interaction ID
fapi_interaction_id
1e961c95-ecd0-4779-aae3-9a4a3cac30a6
2022-10-17 09:25:00 SUCCESS
AddFAPIInteractionIdToResourceEndpointRequest
Added x-fapi-interaction-id to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Mon, 17 Oct 2022 09:25:00 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119",
  "x-fapi-interaction-id": "1e961c95-ecd0-4779-aae3-9a4a3cac30a6"
}
2022-10-17 09:25:00
CallProtectedResource
HTTP request
request_uri
https://isamfed.com:6443/isvaop/oauth2/open-banking/v3.1/aisp/accounts
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer hbU5_PsklrHRoRrMIdMVJT-pjTFrA3Nhyr-tQm-Wh8I.VTQvDbOsyH80e8bW_rsH20xK-p-iKEC0RFnIfsGrUL_6j8ZUpwhqn3HbY0D_BiQypj45FF7vgpL5llGN5rHMvg",
  "x-fapi-auth-date": "Mon, 17 Oct 2022 09:25:00 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119",
  "x-fapi-interaction-id": "1e961c95-ecd0-4779-aae3-9a4a3cac30a6",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d",
  "key": "MIIEpAIBAAKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABAoIBAEOmr/MnPlWdb41vtTyC9q5XB6sB6JR3fABUARhHj6MMTzWGZU9k2TE4TVWm0xiDPSXAwVADrWnJePlZq0RdRd3MX9iO5daQPZnAEX3Iin9t44jHrZSmClEH6D4b0ur5osgLnMx2R/I3L+lPJfrd/fjpt1lMxjAHCz7Jb7INTnLMjBl8Lji9witoeQseo2+SRLanNckCw9t2/WkqlpyTUnVg6icB9QLAh0ASE/zlMdFMYlo1llfxToRpZKQuE0zTXtvMqfkutqSUb8hLSBTYuMHOh8aycMB//JgiAMwrHVSVcRn2oMqnk5vm08i/sLK8TT8AGAf8Evn0GJJ88kKHvqECgYEA2Xnd/4+98ZiEnLbkgRPVX7pWVa2ZqCAZ4Cf75cv+IlQ3crJniX0IEOpFS71fF8/Ei7DIAELe9zeopQvkUdfzMlC7Rg5AuhJzRIL+FaUFlLJOMz+S7eqiLeabclYGIbZrX+n8Xic01oQxRipgV1XMKj+D3MROUoRCWNMS1Xqghe0CgYEAxQbFsTjipyvk6ZvrpucqAZ1IVIGiVELGMlUEGmyJ8CgXd3gwmU88RahmwBes0GNzm5hws9J+C/S/zt6gu1pP1g/lEpx4/yxg6MZk8AQEk3VG63Tg2rEzjEIQsz0fTXbO1AVSJvEuReB8VCgQEKNYMxrqdHXvpSFHOhQLbvebODkCgYEAgK7e0IjCkQF5fq2t+j69JD7DNUFayaPtC7k9EVWqk6+Xe7PbFfy42CF3TYDJkvJqz2mUfqsS+d+iV774pAEPM3eXyLVIUZH3SNPl+vLBoaH8KdD1ZPhQbK6mznneePZTBNcUcLXsSv6/lVAf362x+FHK+cfivGrsQ1jqLQ25jGUCgYBVrLY2dDgK3YlzE/wK3aZkgVI8fQprfYXVySY5n0z0A1sA9mCbqdrZp3rWuPTKwRQ6arVHXJa2+DyX5jMahREGUm8YAraSr2eMkQi/Xd/nhy3JoU9NiZSSvv+oEUIVWz5g79djW6j1dcJajfk+Yuktf9zHu6jzs17XoHPAUydJ8QKBgQCreujKz7G5EEXkwdEqFFolM9A8ZMB2k3t6FaM4P/lEUs+nFkxYz2+rxI4HMCE0UOCw58ukQjNmXJhumAAB0HIC28gFVuk8FXPRI46ZRQ4uuqQcSCr3/0yPSrJe3uU+IC74iHff9XHmwiHwcpmgsDclyg4Ga5eCf1XNKmZLtu/4Xg\u003d\u003d",
  "ca": "MIIDtzCCAp+gAwIBAgIUecoZmREQNgLwFH/TMEWLTwb1CB8wDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMB4XDTIyMDEwNDA0MzE1M1oXDTQxMDkyMTA0MzE1M1owazELMAkGA1UEBhMCU0cxEjAQBgNVBAgMCXNpbmdhcG9yZTESMBAGA1UEBwwJc2luZ2Fwb3JlMQwwCgYDVQQKDANJQk0xETAPBgNVBAsMCHNlY3VyaXR5MRMwEQYDVQQDDApjbGllbnRJRDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CIojMF5NdBrY48wKHtvzUHUPlMcHSYgJM4wv67sDXVSCQOZd07spVW6VG4OdDLvCK+fhdX+EH5+jUkCfCxn1vCiyK/T6ArZJzdcsjFTtEbqAH+jbITYLa1Og38EI0ARvWyPbU4jRd53PKliCRYoZXoKHnEL2fz6voUlIgyBh+0Et++A3RLWPDUnFslJpwwDZl4NkttpTrAgbxMt07vyZuO9nmsiC/Ax9u9lFNrtUtX87Njd957IoLE+hOgEKpNp0cwrw/P8y0/Vk8HtdzHWf6mqmw4gxnmk9s2MIUxoYRJewqgDU4/f7ukY2Kl++ptLUDRUfCuTckS7r+aLIipxQIDAQABo1MwUTAdBgNVHQ4EFgQU/UtMjt5v2kVdyNfPDjijZi42WIQwHwYDVR0jBBgwFoAU/UtMjt5v2kVdyNfPDjijZi42WIQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWex3c0yfWkszPtF6B4cPUwwTMiwQ2GyQxxeV9iOuXoMQ6Nf7IBi3KijaWb17E690/Es4cS0P6WWyWa0pd9e/OWq/7HtA86TTiHUp8lkYM0Bc6317SjOYR3E0oIx53pHXtM/afK+ROzAux9xzztKjGyE13cNJYErSggLeMhW0kwUwRU3Wsl4DYwfqbuT62vvbya/Zf6u/lGvMGHoFozRTqPXtboFKoPLmQXzo92tw1UxRyPmeFiZfIjzee7gOShseCuD2dS59Ie+aD/ymI1FdElDB29J4flhKfJxQl0EQTjXaXR4kRw+zB4OzNIjv3FD2F4kq7qsxzyFb14z8bkp/gA\u003d\u003d"
}
2022-10-17 09:25:03 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "39",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Mon, 17 Oct 2022 09:25:03 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-4d7bb92a-5f82-41d1-b104-6807c674842e",
  "x-fapi-interaction-id": "1e961c95-ecd0-4779-aae3-9a4a3cac30a6",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_KgvtJCAkvMaByl8cOCgpTLkjyGMhCNnXKS3nyeA0PuWlHyfJ; Path\u003d/; Secure; HttpOnly"
}
response_body
{"content":"This is a sample resource"}
2022-10-17 09:25:03 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-length": "39",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Mon, 17 Oct 2022 09:25:03 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-4d7bb92a-5f82-41d1-b104-6807c674842e",
  "x-fapi-interaction-id": "1e961c95-ecd0-4779-aae3-9a4a3cac30a6",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_KgvtJCAkvMaByl8cOCgpTLkjyGMhCNnXKS3nyeA0PuWlHyfJ; Path\u003d/; Secure; HttpOnly"
}
body
{"content":"This is a sample resource"}
2022-10-17 09:25:03 SUCCESS
EnsureHttpStatusCodeIs200or201
resource endpoint http status code was 200
2022-10-17 09:25:03 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Mon, 17 Oct 2022 09:25:03 GMT
skew
291
2022-10-17 09:25:03 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
1e961c95-ecd0-4779-aae3-9a4a3cac30a6
2022-10-17 09:25:03 SUCCESS
EnsureMatchingFAPIInteractionId
Interaction ID matched
fapi_interaction_id
1e961c95-ecd0-4779-aae3-9a4a3cac30a6
2022-10-17 09:25:03 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is json
content_type
application/json;charset=UTF-8
2022-10-17 09:25:03 FINISHED
fapi1-advanced-final-ensure-request-object-with-long-nonce
Test has run to completion
testmodule_result
PASSED
2022-10-17 09:25:09
TEST-RUNNER
Alias has now been claimed by another test
alias
ISVAOP
new_test_id
HsR12dLmgOvwZQp
Test Results