Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-28 05:27:55 INFO
TEST-RUNNER
Test instance nO4BA065gJm0PZr created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code id_token",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
OnmlfiYkW6Bbn
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token
2022-11-28 05:27:55 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:27:55
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:27:55 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7cc55c8e-e4d0-4f35-98ef-40c88f1701f8",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638446db03f8f117",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 05:27:55 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bpOcwIu3Z5uMqVoYHXYHjNIahh/4/6oe/GyrgEiblro\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dF4323478DDB966F118928049B727CB4B~-1~YAAQJHYGF5vY+4SEAQAA58m0vAh+YfERUnJwY1+bAFmJPaecKSXdlObPyorM0vc1Y/buEBsCMxqQ4cUrWzx4ic4M2N1DM0MwYERbZV1TTA8nlDs+PNIkSKASaUAWiv7Jo3FpwbX2bahm8XKk1k2RrvOkzvvj0VDVxWmJPCnUFeyy4K+2AYow0+4KvsHMEsGo488kg7gU3jvcUMw25gqVVcYKRrQu0ZtX+HXFcHSuDVse33czQ4Cm6f2rsKni6vr/EtE46LOBn7ZFoW3qwq8Kd9U3Bx/P+A/DLaZZWJofueYcmFayae3E8wGSW8dAGm2AGnm9IiSiL/szEg3L3DLZ3wPMOhFHhN/ma8Ndy6wDGS2Y8YePAXX/2o61WetdHFCpatW8gZk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:27:55 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d39DC27E5D8ED106E53A3E4CED8C71B93~YAAQJHYGF5zY+4SEAQAA58m0vBEee1lpj5njNV1jk39WH/pkjfLQY9mEhc4hS2lolgEe4Dx1T03IEhPuUVi8pXUiWqFit/1tK1x5nUXeGjvp7YRltOnMy1z8Rrl1tqOtLEMSlOOv2UfHAt0PcLTawVLpOV21m93yAeIx8M8ct0JaU9viFuQGenNkoJUICMu9j30G13QPtJ9fM7uF03sOt+RY9jZHmMTleL9X3Kw2fcxAEeWRT0u5JoT9t/fNitPjAhRn665eNxG1muup/HL1V2Ljm+VDczzWjpa0VwhJ6F+S8Hofe98hNnO8v0nS~3225910~4272961; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:27:55 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d131",
    "origin; dur\u003d128"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["department","upn","realmName","name","tenantId","mobile_number","job_title","family_name","employee_id","preferred_username","email","given_name","groupIds","uid","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-28 05:27:55 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "department",
  "upn",
  "realmName",
  "name",
  "tenantId",
  "mobile_number",
  "job_title",
  "family_name",
  "employee_id",
  "preferred_username",
  "email",
  "given_name",
  "groupIds",
  "uid",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-28 05:27:55 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-28 05:27:55 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-28 05:27:55
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-28 05:27:55
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:27:56 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK71587951-fbba-4a4a-bfe2-adce8ced3fe0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638446db37422101",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 05:27:56 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:XUxQxfCuJKIVOSDubl29rVBdOITIkXfWj1NFRBt4Fjg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1F959CDF734B5666DA42FE68493D9122~-1~YAAQJHYGF7DY+4SEAQAAAs20vAj+hChMGunFOULSUGRkU/pPNJPC4cpQ55wevo/1nPyZ3Tntlu5M2eBCqVrA6/ZhxDzJapukjvlpziwwerW+2F/Fxpuflq+ywngPqKHw1HavVRhownaXx6U9M9Cdyweu/+Sl2oL2mKC1sNnibK2HCeNSfYHYtfzPmu7mVWkUOdkWf0Q7khoDq8zzJZUamuwD8PDtvjRAapbJILNobY+sulwCEhUrssLYyxNegcpfMqqBGskEddEm+zzJ0EP9eJHl99FPpihs7y/LtvEpXUaBc27msD/xHavGDvb6VtNJtlFmD3TXkN4P6xUW29zWR8RJE4jN0BdOpV9V8SdEaFNWx8fPKD4z8VCePCiAtQrX89C+Z/c\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:27:56 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF1EC6029CED67F33800CA8E05BD7E696~YAAQJHYGF7HY+4SEAQAAAs20vBEF0Act6uO1/omb2JJ0wVCtd2AK8PsozD8BqrJDWMIT7muRIWv4EeKSkLVu9LvJ4IskU+Z6ZRmgFa3ld7ceB3IXwS9Xoiwo2I1z0LDeopt+RSAK0fDakowEn2PC5xRNptcUBUuoGhLyKEWGYq4i1yTQOcAuOC+BghWRh1+x7zLp/F8wGMOCL2rF5/A5d7BFjAthODE8vGe3DCZZAbICWFK/neOZwG4xAqdyiKZPNwsYQ2T7LPFNckHgsrWm0WkFaqdXqDhtPxysb+lBFXdNmGSVIuFdnjMAEjqR~3225910~4272961; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:27:55 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d403",
    "origin; dur\u003d157"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 05:27:56
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 05:27:56 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 05:27:56 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 05:27:56 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-28 05:27:56 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-28 05:27:56 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:27:56 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-28 05:27:56
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 05:27:56
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 05:27:56 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "2HBrsDLHgBEzOkfv5Zmd6HhSoUtOyehxIo-HOYIN7FfUbS4BCpU0Aa3aWFdW3W_taNDVpYZPljVyDt1ZU_p91bO8sjjwyHhi-OOsXkRqTd3VC3NcS1Y7YzHH2oLGHRVaH3XuTJwX7btIqZL3QLppmKYucD9lSonEPwI92JEapJ0",
      "kty": "RSA",
      "q": "vGWPJrSGdHOenhyjhRGy82Ho7wMBTPTWedJBXOEDhsmB96Qi8UuD0Qdh6hN7jkz_YKR9h925DjcauQm0X_G0j9TWBwnjowoK5uVVXGLT0PAa8U5ThdK4iaDfexsyDZyfs2cweLWhtV9uWzz8q7pF-UGpOkbFOAXmbf5HOWrn2G8",
      "d": "lK5vCTovHy_ak_IjWJsEIc7zMIIKqFMnbR1TCkyYdsIegzO6JNNT4qQBK-UNLgJ1bKqQDd3UjH2nLEI0WIgy_YgGzf7E77q5XXul2QlYBBqFUW6ccC-sn-RIBNFFlx5Y-OB7yUv3c_doNcXfzODh_VtPS4LFINR8y6LBADqwLx1EWDWvrtEqkb2iNrfuQ8Gpp7cS-H83J_bBuHf0k0yV2GT32ou5x-Q4Dr-y5rQOAQYKDgWA-3ENN1BN9eC9513O794ML0cqTIoNNKO4YTW_v6uG5n0lFMjZ8Lf6Zk9fooB6oHrYLhBzRyIBlmbtUHehzna249PeAh6Xd2axuFZEuQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "LhjB28wwOyjLYXWa-vfoIx8uqu89oSAiVywoZynuHYZ2GiQrdoSo8LZzKckkTTXE8UyIcusnjIVbqviqBy7dp31oJWASlbeIV8awswIL9rIeGv0qsILsXerWafAFugRtaveRcc5qVjUS36WLl7ObZCE0cLIPSOKJHF-8eXru_E0",
      "dp": "vqLmdx-C0K5VrLPH_Tc8-pFgVmj6UKTHYWWB-Ykvskf59uBaUnPwhroWY1EqVYhMV9H5G_4dA3S3rZgRIgKz6xKQ1XmJu0kuA4KlQ7KG32bQS3GkjUa6sDgci747uUohQyygZCHogaA_8_xag0ytzaIxrPRpxylpDQZwatwD15E",
      "alg": "RS256",
      "dq": "kZHrtZ2B0tNPuZ4pX3XYjySVRrFMvPjmDEVBChI3llt3mDD0avvNg6Mvrh2Vt9OY9ETFVkklZ21-sYFlJUlvGj_7jH7ArMbiu5xyg6s9PdF5EAFUmi_DNVzfsZDG8SuXXpkaI_s8UxfE_qy2E78fuERbDVOHqg0tCsqSoDQRpvM",
      "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
    }
  ]
}
2022-11-28 05:27:56 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:27:56
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 05:27:56
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr
2022-11-28 05:27:56
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 05:27:56
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 05:27:56
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
      }
    ]
  }
}
2022-11-28 05:27:56
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 05:27:56
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ]
}
2022-11-28 05:27:56
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 05:27:56
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 05:27:56
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-28 05:27:56
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "781"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 05:28:00 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2b270776-bd29-443c-bba3-fba24f1a1467",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446dc37422021",
  "content-length": "1449",
  "date": "Mon, 28 Nov 2022 05:28:00 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:aclGWpaxf5uGkOfKdZ9C5YJxUzK8fYYhSMxVd+5yGMc\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dCE34BDFB3C378B7533FC2BA8F05A043E~-1~YAAQJHYGF/LY+4SEAQAAytu0vAjygveWyQK2dT86n9O761p/2y/Lol6MgbzPmcELLjDwyL1Bup8RoueStpPfyJ5qKY/FC73oysFcKfLo38G/W/dDF+baVscxySBxnWQgL2WzKETScFmquMdZXsebkeQ/K5P3+htC5dDCarRH+hvmY/GDY41Pg6uEG+9mEzF9Yfcl26mH/ZQuLELdcBmU1vp1RcfjyZm9uvv5OpMFVOFQzq6bYhfIagYe3vI92fHW1gFWvdbB4/RtP74nOVRus1FpLVZktjKfPOAW43pHhsCgyvt8SPj/4H9oqa+jhHpkSbtGCiXw8jIe/Zdr2zlJpl8BDIuooASrl9zSBM1/bOxBhnbLjICid8y+2fGpQz8Bl//Jj6w\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:00 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d44751CAB06F5B9BED7BF2DC49BAAC849~YAAQJHYGF/PY+4SEAQAAytu0vBFhpe1qgC0qnVFZ3Dn0jFlt3xbCgUXxyUOvzS+AyJTwX2tOsOt1OdTWfMV82hLBDWBhi34SsIZaUBzjcTBgC6t+disjhggwqzBBSUhKszGVyfLSNEGn4bwaUq2IPxVNlo6JtUg3ux2Lac3bNjfEgRmtupvHiu4DN0m9HmiSIom1VZR3PSsBTUQ4sjU9gxr2G97ynnJdlV59FNMf99HUk68X7goI051W0nvANPiHF4oU/npQ6J4paeU6RmLVZmls89wtPBDekmWhaM29hUK/PNrFbe9ONVixzQ3D~3225667~3749177; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:27:56 GMT; Max-Age\u003d14396; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d3574"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"88c15784-3dfd-4df3-b296-01cddb07b9be","client_id_issued_at":"2022-11-28T05:27:56Z","client_name":"Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr","client_secret":"9fBiyC41Qt","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"uilg3jW4piU1dJGvMBMIctrTl3zDHBG1ra7bA9SlVB8.BvDdJqmcY8QBHiAJHLaq1vRdvEXmvU8xcJizekTCs_taxKOPC908nkVO5heC4b9WmhCbWSsDU-Iy5iwKUhEwXw.M18xNjY5NjEzMjgwXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/88c15784-3dfd-4df3-b296-01cddb07b9be","response_types":["code id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 05:28:00
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2b270776-bd29-443c-bba3-fba24f1a1467",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446dc37422021",
  "content-length": "1449",
  "date": "Mon, 28 Nov 2022 05:28:00 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:aclGWpaxf5uGkOfKdZ9C5YJxUzK8fYYhSMxVd+5yGMc\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dCE34BDFB3C378B7533FC2BA8F05A043E~-1~YAAQJHYGF/LY+4SEAQAAytu0vAjygveWyQK2dT86n9O761p/2y/Lol6MgbzPmcELLjDwyL1Bup8RoueStpPfyJ5qKY/FC73oysFcKfLo38G/W/dDF+baVscxySBxnWQgL2WzKETScFmquMdZXsebkeQ/K5P3+htC5dDCarRH+hvmY/GDY41Pg6uEG+9mEzF9Yfcl26mH/ZQuLELdcBmU1vp1RcfjyZm9uvv5OpMFVOFQzq6bYhfIagYe3vI92fHW1gFWvdbB4/RtP74nOVRus1FpLVZktjKfPOAW43pHhsCgyvt8SPj/4H9oqa+jhHpkSbtGCiXw8jIe/Zdr2zlJpl8BDIuooASrl9zSBM1/bOxBhnbLjICid8y+2fGpQz8Bl//Jj6w\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:00 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d44751CAB06F5B9BED7BF2DC49BAAC849~YAAQJHYGF/PY+4SEAQAAytu0vBFhpe1qgC0qnVFZ3Dn0jFlt3xbCgUXxyUOvzS+AyJTwX2tOsOt1OdTWfMV82hLBDWBhi34SsIZaUBzjcTBgC6t+disjhggwqzBBSUhKszGVyfLSNEGn4bwaUq2IPxVNlo6JtUg3ux2Lac3bNjfEgRmtupvHiu4DN0m9HmiSIom1VZR3PSsBTUQ4sjU9gxr2G97ynnJdlV59FNMf99HUk68X7goI051W0nvANPiHF4oU/npQ6J4paeU6RmLVZmls89wtPBDekmWhaM29hUK/PNrFbe9ONVixzQ3D~3225667~3749177; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:27:56 GMT; Max-Age\u003d14396; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d3574"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"88c15784-3dfd-4df3-b296-01cddb07b9be","client_id_issued_at":"2022-11-28T05:27:56Z","client_name":"Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr","client_secret":"9fBiyC41Qt","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"uilg3jW4piU1dJGvMBMIctrTl3zDHBG1ra7bA9SlVB8.BvDdJqmcY8QBHiAJHLaq1vRdvEXmvU8xcJizekTCs_taxKOPC908nkVO5heC4b9WmhCbWSsDU-Iy5iwKUhEwXw.M18xNjY5NjEzMjgwXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/88c15784-3dfd-4df3-b296-01cddb07b9be","response_types":["code id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "client_id_issued_at": "2022-11-28T05:27:56Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One nO4BA065gJm0PZr",
  "client_secret": "9fBiyC41Qt",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "n0hsd2dGrEwV5MKvz7fgFRqW9Ql5klwSMj6t6CdqM4IHVCsO2HKymoHzjeI8A2V_d4tzRzX41kzWnfIAHsj5IbqX_S1-9lG_stJDLy3l725HA7He7WY_oYeWrwTCfZD62GocRWGtuEcOpbLIJlW5LcpYpwduODUehQe9fgNXVH02Xi4PWEufJ4fa6d421xZyMbRkUY13EDledAtWiaOtRtpI2SK5xS7Ao2HjDsINnq-2Gq-xagSejNqa7Q2cHtSqGDJbto0aLaTl3lPbwh8i8vX2GDbfbOVF84p-bosGZGzZebXGW059KOgO7bEK1qdrVNGd0lGJNe2QA7R98RzYEw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "uilg3jW4piU1dJGvMBMIctrTl3zDHBG1ra7bA9SlVB8.BvDdJqmcY8QBHiAJHLaq1vRdvEXmvU8xcJizekTCs_taxKOPC908nkVO5heC4b9WmhCbWSsDU-Iy5iwKUhEwXw.M18xNjY5NjEzMjgwXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/88c15784-3dfd-4df3-b296-01cddb07b9be",
  "response_types": [
    "code id_token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 05:28:00 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 05:28:00 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 05:28:00 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 05:28:00 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
88c15784-3dfd-4df3-b296-01cddb07b9be
2022-11-28 05:28:00 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/88c15784-3dfd-4df3-b296-01cddb07b9be
registration_access_token
uilg3jW4piU1dJGvMBMIctrTl3zDHBG1ra7bA9SlVB8.BvDdJqmcY8QBHiAJHLaq1vRdvEXmvU8xcJizekTCs_taxKOPC908nkVO5heC4b9WmhCbWSsDU-Iy5iwKUhEwXw.M18xNjY5NjEzMjgwXzE4
2022-11-28 05:28:00
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 05:28:00
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 05:28:00 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 05:28:00
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 05:28:00
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 05:28:00 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "6IYfc1N6A8QtD5OZ_ApTYCs5xRigSpdCs9RBW1htSroxMtD4B_aulZO7pAG9TJTIWz9CuWKhuzQPBPc8c3yiNnRvY0FKu1tckVWMHG-q44iDXS39Yrs250Zo7OWwdxMZFkadS9gevgpxNWkK9U5NuKBno5Nn5EwcFeHyqeug6eU",
      "kty": "RSA",
      "q": "tclJvnfF_-hikfWQ_cE0PmFgDV0KyroHlwemVR9trWI4YktY6mcBp5h187OeglraPvVxTPzO13TIpcUnIMw6WDyvXOsPAJu-FzJED8Ik5s_vZJO8eDX6YuFGMpbPYySwuxiFygA9HlS_Go69qne2AiErFtfWndc1PAGhEz_zawU",
      "d": "mQ91ObSNWgYxFoFUPDoLt1FvCiq3TVVz73T41KW3TvSKA8bkL7dSUas2CdWKADSMMxWikTZ9_c7PWCyLDoboZcIkqiS8CuEeUoEqdrCBp-3Sp-Q_w8xQGCxy_bc025Z0aHUfCbfUQzfZlO2Pdy3Ia_QwSHKQ-bAHg8aF5_Wgex9xuAGs40qwk0qNP379G30zEMmo8Raqh8w5EBUhjaQteD9KjGRIdRLvzh9bImDbNotV8tPk9mGM_MpqWO9yHfVr2izWAVFMzUFDV-cweH5chVBqiB_ZQ0baJaGMFznijD5-kPap0UUN1Yhlb2lGQXOiHlW3Ad-KVHzqOfuFORdtAQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "Qrh_iYP3OhWYOiiSFYhyZ1ymHAlQlYDf5BTKs2Q2FLKnL_XAF7NVf0iYfqTnDWZ-iHyAwBDtsgoDYuNA9odPZZrJ43vCHr5Avwbya6YM4bgFTBAI2Yn-EaV15gswS35AzVANak62zxwsJ6Knc1Rkr2I9asTrg1tf9hbWW3RYRNQ",
      "dp": "Fm_60PIZMAvaHUqs7TlB2mHRbUd3EDuQYDH3LI1X3oIhBTpM9NfE-QIMdUMFtUIWI1fzZFg0KxBW8q-40ZwROxf5N6axQ2sJf6y1nHjaEKK3qmIptUFDhwWwUkvHv3XEUfX2b78nGEeBrRm5yPoJXet8lLhAqjL98s6ez-7A1FE",
      "alg": "RS256",
      "dq": "NCzTx6Ek6TBPqkjrFonvbsAQC4Xa5RjDuOtvKBtfJVZ9jGjH2m86IFo38HxrUEq3PT7BCDG_REO2my2c72LulAjG5EprAeexhYLd2hAE-2JO-XUVsQL9HIg_16FFYNVVDD4bmEC9SglU2FCDy3uUd8QBVAsbBC6SjuiAzL-cI-k",
      "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
    }
  ]
}
2022-11-28 05:28:00 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:28:00
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 05:28:00
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr
2022-11-28 05:28:00
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 05:28:00
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 05:28:00
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
      }
    ]
  }
}
2022-11-28 05:28:00
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 05:28:00
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ]
}
2022-11-28 05:28:00
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 05:28:00
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 05:28:00
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-28 05:28:00
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "781"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 05:28:02 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK654e3c88-0d2b-4c12-8c85-bd6f1b850e3b",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446e037422d71",
  "content-length": "1449",
  "date": "Mon, 28 Nov 2022 05:28:02 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:CHuLeU6jD6N8gL7zmTi5gPemRKKNknmm26lv+lhxlIA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1F0BD11AF42D527DE4E6921F2324A0E3~-1~YAAQJHYGFzPZ+4SEAQAAZea0vAgOSrtl1igPAv0afJGv8YQuXaiu08rarKY85191BsOaeHrxB/i3LKXSZOdqpxXNxazcHxz06OUup4E9lTzn2OHsRAWTxTpzVH921yYJabRBZmHpAkFZYBlzE3ZY1g44dFJ5L+wIW9/8W3UEKc83ZuAU5g18sDw8HGmhh8FXWNhopyvdaacsFPH/UNimWaUVPCbIdUJzrpgMGvLlKF0iFvUxklQsaxWHFm7wUUufeQv7NhUA5JMCvbetby/asxtCu6DnyTPeZP6xT0qJ3kka3ucmvCgU1ZwBAcS4QEnvr7DZt3sbXyXscvrjyZnHcdzBzZDKGZO8LNDbB7FFbx9mcxteU/qGPe432XooWsbvUPMG9X8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:02 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d475A99B505C1A4F64831AED505570AB0~YAAQJHYGFzTZ+4SEAQAAZea0vBGlHEjBYTiJguzKTn9mXURFm/8VYQuGVRBH9RocDJuG7OnHzFhSmBNACmaup/sX0cXMzOvS5qN7Ys2a1ZMqHHXdAickJIwBeM1NTX9DCQRn1toGps9ICj6bZGMgRw7AoV2v9/uEkhNbvd448MIyipUmF+hLJbHMlkUu2Wtd8LgV+ltfXkEAzT22+SLjJ8BJpyVIk1WYruII/7w1a0PjgR5SZaIm+jthEbFUrzO+SUua2IwMR4gVyrwdsdQYFzbwblbIsUbs379EXQKnd7GLMy9py3+Lw0gsHgYR~3490101~4407862; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:00 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d344",
    "origin; dur\u003d2257"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"bc461ba4-7259-47fe-a448-308743221fd4","client_id_issued_at":"2022-11-28T05:28:01Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr","client_secret":"AU8gFpcMvN","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"OMdfpo1tGGzNyMb7-tCJmh1M9IaWR22R9qR-0e1SkcI.i-_nKnGGQfNNGKrkZ9ZSmpPG-656qwjJ51cx6G3rRCXoolaD-z5gURMOeCASDmNuhu9AGKdN9CzKMTdhGxLHyA.M18xNjY5NjEzMjgyXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/bc461ba4-7259-47fe-a448-308743221fd4","response_types":["code id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 05:28:02
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK654e3c88-0d2b-4c12-8c85-bd6f1b850e3b",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446e037422d71",
  "content-length": "1449",
  "date": "Mon, 28 Nov 2022 05:28:02 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:CHuLeU6jD6N8gL7zmTi5gPemRKKNknmm26lv+lhxlIA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1F0BD11AF42D527DE4E6921F2324A0E3~-1~YAAQJHYGFzPZ+4SEAQAAZea0vAgOSrtl1igPAv0afJGv8YQuXaiu08rarKY85191BsOaeHrxB/i3LKXSZOdqpxXNxazcHxz06OUup4E9lTzn2OHsRAWTxTpzVH921yYJabRBZmHpAkFZYBlzE3ZY1g44dFJ5L+wIW9/8W3UEKc83ZuAU5g18sDw8HGmhh8FXWNhopyvdaacsFPH/UNimWaUVPCbIdUJzrpgMGvLlKF0iFvUxklQsaxWHFm7wUUufeQv7NhUA5JMCvbetby/asxtCu6DnyTPeZP6xT0qJ3kka3ucmvCgU1ZwBAcS4QEnvr7DZt3sbXyXscvrjyZnHcdzBzZDKGZO8LNDbB7FFbx9mcxteU/qGPe432XooWsbvUPMG9X8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:02 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d475A99B505C1A4F64831AED505570AB0~YAAQJHYGFzTZ+4SEAQAAZea0vBGlHEjBYTiJguzKTn9mXURFm/8VYQuGVRBH9RocDJuG7OnHzFhSmBNACmaup/sX0cXMzOvS5qN7Ys2a1ZMqHHXdAickJIwBeM1NTX9DCQRn1toGps9ICj6bZGMgRw7AoV2v9/uEkhNbvd448MIyipUmF+hLJbHMlkUu2Wtd8LgV+ltfXkEAzT22+SLjJ8BJpyVIk1WYruII/7w1a0PjgR5SZaIm+jthEbFUrzO+SUua2IwMR4gVyrwdsdQYFzbwblbIsUbs379EXQKnd7GLMy9py3+Lw0gsHgYR~3490101~4407862; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:00 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d344",
    "origin; dur\u003d2257"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"bc461ba4-7259-47fe-a448-308743221fd4","client_id_issued_at":"2022-11-28T05:28:01Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr","client_secret":"AU8gFpcMvN","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"OMdfpo1tGGzNyMb7-tCJmh1M9IaWR22R9qR-0e1SkcI.i-_nKnGGQfNNGKrkZ9ZSmpPG-656qwjJ51cx6G3rRCXoolaD-z5gURMOeCASDmNuhu9AGKdN9CzKMTdhGxLHyA.M18xNjY5NjEzMjgyXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/bc461ba4-7259-47fe-a448-308743221fd4","response_types":["code id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "bc461ba4-7259-47fe-a448-308743221fd4",
  "client_id_issued_at": "2022-11-28T05:28:01Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two nO4BA065gJm0PZr",
  "client_secret": "AU8gFpcMvN",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "pR2ohnrfOiHkemFm8Ut6cYaq9necuMoAJ9D5gCmVBYLV9sRdiqra43hhT4n1-ncecHeP-V0J3JcUdUvc64MYzA_0lxBo1ssc3ynbJ0kex6IgUa09DO2tfquz2zsSfD0EPjPyPbhBPkf-KoF31AeMrr4c-iV1bscrKnellMffkshueOO4Y3Pgvbuo3BSlFxXfd8D3uMBNeSo0Dg8jTIcCNYwL9O_hR8HKBVr2CeNzV1t1LwOMP4Ji6wOn6xYGA5V4CVgglBNn0SM5MEbeucvVawsyUchKEPLYq2hnqhoE_TQNcSkhnCWD5E4osajkdDTT2GUJ8ObG24tMDWcaO0ZIeQ",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "OMdfpo1tGGzNyMb7-tCJmh1M9IaWR22R9qR-0e1SkcI.i-_nKnGGQfNNGKrkZ9ZSmpPG-656qwjJ51cx6G3rRCXoolaD-z5gURMOeCASDmNuhu9AGKdN9CzKMTdhGxLHyA.M18xNjY5NjEzMjgyXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/bc461ba4-7259-47fe-a448-308743221fd4",
  "response_types": [
    "code id_token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 05:28:02 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 05:28:02 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 05:28:02 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 05:28:02 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
bc461ba4-7259-47fe-a448-308743221fd4
2022-11-28 05:28:02 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/bc461ba4-7259-47fe-a448-308743221fd4
registration_access_token
OMdfpo1tGGzNyMb7-tCJmh1M9IaWR22R9qR-0e1SkcI.i-_nKnGGQfNNGKrkZ9ZSmpPG-656qwjJ51cx6G3rRCXoolaD-z5gURMOeCASDmNuhu9AGKdN9CzKMTdhGxLHyA.M18xNjY5NjEzMjgyXzE4
2022-11-28 05:28:02
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 05:28:02
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 05:28:02 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 05:28:02 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-28 05:28:02
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-11-28 05:28:02 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
88c15784-3dfd-4df3-b296-01cddb07b9be
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 05:28:02
CreateRandomStateValue
Created state value
requested_state_length
10
state
ka3k8cH9E7
2022-11-28 05:28:02 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
88c15784-3dfd-4df3-b296-01cddb07b9be
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
ka3k8cH9E7
2022-11-28 05:28:02
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
PJd6cgtUrs
2022-11-28 05:28:02 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
88c15784-3dfd-4df3-b296-01cddb07b9be
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
ka3k8cH9E7
nonce
PJd6cgtUrs
2022-11-28 05:28:02 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
88c15784-3dfd-4df3-b296-01cddb07b9be
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
ka3k8cH9E7
nonce
PJd6cgtUrs
response_type
code id_token
2022-11-28 05:28:02 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 05:28:02 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "ka3k8cH9E7",
  "nonce": "PJd6cgtUrs",
  "response_type": "code id_token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=88c15784-3dfd-4df3-b296-01cddb07b9be&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=ka3k8cH9E7&nonce=PJd6cgtUrs&response_type=code%20id_token
2022-11-28 05:28:02 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=88c15784-3dfd-4df3-b296-01cddb07b9be&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=ka3k8cH9E7&nonce=PJd6cgtUrs&response_type=code%20id_token
2022-11-28 05:28:07 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:28:07 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/RRihw5EAKm4hiJ4KZkNQ",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/RRihw5EAKm4hiJ4KZkNQ"
}
2022-11-28 05:28:07 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance nO4BA065gJm0PZr
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/RRihw5EAKm4hiJ4KZkNQ, returnUrl=/log-detail.html?log=nO4BA065gJm0PZr}]
outgoing_path
callback
2022-11-28 05:28:08 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/RRihw5EAKm4hiJ4KZkNQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "1278"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/RRihw5EAKm4hiJ4KZkNQ
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#code=9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&state=ka3k8cH9E7
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:28:08 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance nO4BA065gJm0PZr
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/RRihw5EAKm4hiJ4KZkNQ
2022-11-28 05:28:08
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "state",
    "value": "ka3k8cH9E7"
  }
]
2022-11-28 05:28:08 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
state
ka3k8cH9E7
2022-11-28 05:28:08 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "ka3k8cH9E7"
}
post_body
Verify authorization endpoint response
2022-11-28 05:28:08 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 05:28:08 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 05:28:08 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 05:28:08 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 05:28:08 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 05:28:08 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
ka3k8cH9E7
2022-11-28 05:28:08 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw
2022-11-28 05:28:08 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "sub": "6160017N67",
  "rat": 1669613285,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "PJd6cgtUrs",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "c_hash": "OB92V_9dGOdcR5JF0x6BVQ",
  "s_hash": "HpOiF9m2BaYq2_XG5Y9Wkg",
  "auth_time": 1669613033,
  "name": "ISV Dev",
  "exp": 1669620487,
  "iat": 1669613287,
  "jti": "2b1ed41b-a8f8-4faf-b512-aea2e47a17cb"
}
2022-11-28 05:28:08 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:28:08
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:28:08
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:28:08
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:28:08
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:28:08
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:28:08 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:28:08 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
PJd6cgtUrs
2022-11-28 05:28:08 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:28:08 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ
2022-11-28 05:28:08 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJPQjkyVl85ZEdPZGNSNUpGMHg2QlZRIiwiZXhwIjoxNjY5NjIwNDg3LCJpYXQiOjE2Njk2MTMyODcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjJiMWVkNDFiLWE4ZjgtNGZhZi1iNTEyLWFlYTJlNDdhMTdjYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJQSmQ2Y2d0VXJzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyODUsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.mzr3JE9d880jwppQyJgJXDEtbGRAsZXxhJOgdU6p6ULcbymRaSUSLunm62EPTuzp2kBpXb-WRfbU9yBJqFH4TALstCxKOzoWQhUdu-rAXlu60hAIp7YFn8VD4lXYXYICxDBP8qsCBnd11rqp-ybdVtbqja4-ztz8Fzo6ruCNayqYDFJUd83ckmhoBD4wrjnzDCHPH6H9Y3T1oVCLlbHohzPa25JE3JaXnw6w0ccfBxmZ8QP06s5reVCW_9lma_T8fQYpedA9UE4_yInOH9iolrSk7Y2pBK-FsO1fqxrx_3PRkBRnQ-iVZ-ps6RNVQs8mzram2EqKKj_EoPU8x4oTfQ
2022-11-28 05:28:08 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:28:08
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:28:08 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:28:08 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:28:08 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
88c15784-3dfd-4df3-b296-01cddb07b9be
sub
88c15784-3dfd-4df3-b296-01cddb07b9be
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
WAnpKoYaFbRueDQlLGOT
iat
1669613288
exp
1669613348
2022-11-28 05:28:08 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzQ4LCJpYXQiOjE2Njk2MTMyODgsImp0aSI6IldBbnBLb1lhRmJSdWVEUWxMR09UIn0.KL-4bkIWDa5nI6RIQDhu4CEb7P_JF0ENqR0CSKlSl3eM0PSmZnHUciCLHa7Iw6v2zvLQRvS0Pmv4bvH5bD_0ZaOXc7f8lydhUhz--pnUac4wDxRKhR0kUJNoGdEQpVsMn0kjEH_4QWU9UgAsv7FC-XlgSHTPuRfDzw3pKTOf-Gv0ipzWIbYy2HMTYOB9atmG9zMFta_FrT8HPzXsBDJKhxXwt-_eEjzaI35FuAfRXufy0y02xAk0yh4PzR2xl8dvQs_pbCJxXuBw26oPNFJ7q4WHSagAK6aBLuAtIcwwMtjE-6wEhxw0qnfdVfT7RYfO7fKwYraokQI2glFEiD9_iQ
2022-11-28 05:28:08
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzQ4LCJpYXQiOjE2Njk2MTMyODgsImp0aSI6IldBbnBLb1lhRmJSdWVEUWxMR09UIn0.KL-4bkIWDa5nI6RIQDhu4CEb7P_JF0ENqR0CSKlSl3eM0PSmZnHUciCLHa7Iw6v2zvLQRvS0Pmv4bvH5bD_0ZaOXc7f8lydhUhz--pnUac4wDxRKhR0kUJNoGdEQpVsMn0kjEH_4QWU9UgAsv7FC-XlgSHTPuRfDzw3pKTOf-Gv0ipzWIbYy2HMTYOB9atmG9zMFta_FrT8HPzXsBDJKhxXwt-_eEjzaI35FuAfRXufy0y02xAk0yh4PzR2xl8dvQs_pbCJxXuBw26oPNFJ7q4WHSagAK6aBLuAtIcwwMtjE-6wEhxw0qnfdVfT7RYfO7fKwYraokQI2glFEiD9_iQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:28:08
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=9lnWScrdtH9JFr6_SmBM6eDJz9Xe9r9F3Vtsu-IxaZA.p8Bbehp-VlXy-yVOF2-ctdvi7JKW9qKvZZCjImRYklTKxbBCsMG7tbNJ6Q72713wJakdLFW6hq9hAeh7owC2yw&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzQ4LCJpYXQiOjE2Njk2MTMyODgsImp0aSI6IldBbnBLb1lhRmJSdWVEUWxMR09UIn0.KL-4bkIWDa5nI6RIQDhu4CEb7P_JF0ENqR0CSKlSl3eM0PSmZnHUciCLHa7Iw6v2zvLQRvS0Pmv4bvH5bD_0ZaOXc7f8lydhUhz--pnUac4wDxRKhR0kUJNoGdEQpVsMn0kjEH_4QWU9UgAsv7FC-XlgSHTPuRfDzw3pKTOf-Gv0ipzWIbYy2HMTYOB9atmG9zMFta_FrT8HPzXsBDJKhxXwt-_eEjzaI35FuAfRXufy0y02xAk0yh4PzR2xl8dvQs_pbCJxXuBw26oPNFJ7q4WHSagAK6aBLuAtIcwwMtjE-6wEhxw0qnfdVfT7RYfO7fKwYraokQI2glFEiD9_iQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:28:09 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK90c924e4-b693-4111-b4a8-a9b9f73aa6f0",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446e821a53615",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 05:28:09 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:dKEvO1g/+Q65kOeYVZjIZwhB5Zy7zmSIxnvbq4E69S4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dC7C8AA0B075F3A2FD0F97ABF1B3475A2~-1~YAAQJHYGFwLa+4SEAQAAaP+0vAgrbgKFMLjUci4W5+rCXXpBwLN4uDCE27RwlcSkJ+o7gOm3fXCmcJMt0zaE9sfL2VrGttwT4g6FFkMWDleO9ko4ZhwDoVkrCNAC0XST6+6ioGUV4qQY85wah1LavIqxAHcL8BajG0oZj9UhwMFYuB1Qpw1/AeNaneRXvucfnUXz7gUj+zk839foRcdT3v+ADTuROeRu6SCoRAm0ZmEQMbB5RHevUgyl8pDnSyVfuTHHjQJLZsZONG6j6c7vq84CQRuxzuy+p8zgbgDFC8yFud1gwR7Lhn/avgnq0YLMN9uRw8PKwGXSxJSG39XgkjIHeBb+4Av/xxTYPpKfwwUPC6vt26cZuSdxPEQb3qq0j5IO7iw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:09 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE02EA97D04AFD1A259A13E16FE7BACD3~YAAQJHYGFwPa+4SEAQAAaP+0vBFZqi736HemB2Yg6X2LG3dwPDAIP36rZdDFdO+7u07nofbenDU5Zklz9ujyy1IH0yPQdO0pE1rDcq1HDjooYb1gdekc4Z5kz3LhLae+UP5nNPsUkfDr1A5nUsVVXQGrbCKQ+40BSxeHpxGvT6hlMdOK3WRknoVsT6n5OeiTmJpkxbdBNNN+V2ocN8bSWrkkqq23ciKzT0TGSPCPX/8Kw6Rb+hhnW1bt1srkPKjRNOQk1fpDYNEcP9etCyug5CrQRajE9+zRJOqNMgBvqx+bpx8S2sMhZ7I+5J6n~3158580~3686979; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:08 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d95",
    "origin; dur\u003d582"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"GoXu4n9WUkslveH8fBIDNPykXb9cT5T9Eyen5mM4sKo.wu7DFlJBU7nTmZV9WfTSilMmKYDqWIYchIhRJqs8aheh9jDlh0ykqnRjbt61--HQxAfrsoDUPf00w2gJx7DBXg.M18xNjY5NjEzMjg5XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJOeVhRNVhDSnFpNEJPN0JoRXRoNW1BIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ4OSwiaWF0IjoxNjY5NjEzMjg5LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJkMWM2ZWFhYi0wZTdjLTQ5YjktYjcwZC02MDNhODNiOTdhZDciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiUEpkNmNndFVycyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiY2R5b3NtaDEwc3R6eGJfUGRjblliUSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.OomGo5MIrqxKQEdl4NIh0N6W3bEnBpBvSeD-Lub9xYH9sZz9Oqm02-BojNPyEvC28VvjtnzbnKYor-cMp3dCTarmXUqXn4L-MZjBPOvt1cCkbS8QFqMwbDFPbnVlIVgKR2lXTfL2HQqqLChAzqnLI86ncksYROkNm5_Vs6fBMLvve4mxvJo6KNjCWQCWCE5qqa1tES_fNCesuelDRogd5RSQBLRoleg6aX0TgZp-kZMbdlGh-7mn72tv0YO3PXLVOMUTbgS1W2vxhbevG2oExN8ACRUJJPzvDYhO4DWOuVr_5je9hyfIE7YvqKZy_veXwX7U8jSv2IgvaZjFh0DNlw","refresh_token":"JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:28:09 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
GoXu4n9WUkslveH8fBIDNPykXb9cT5T9Eyen5mM4sKo.wu7DFlJBU7nTmZV9WfTSilMmKYDqWIYchIhRJqs8aheh9jDlh0ykqnRjbt61--HQxAfrsoDUPf00w2gJx7DBXg.M18xNjY5NjEzMjg5XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJOeVhRNVhDSnFpNEJPN0JoRXRoNW1BIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ4OSwiaWF0IjoxNjY5NjEzMjg5LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJkMWM2ZWFhYi0wZTdjLTQ5YjktYjcwZC02MDNhODNiOTdhZDciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiUEpkNmNndFVycyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiY2R5b3NtaDEwc3R6eGJfUGRjblliUSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.OomGo5MIrqxKQEdl4NIh0N6W3bEnBpBvSeD-Lub9xYH9sZz9Oqm02-BojNPyEvC28VvjtnzbnKYor-cMp3dCTarmXUqXn4L-MZjBPOvt1cCkbS8QFqMwbDFPbnVlIVgKR2lXTfL2HQqqLChAzqnLI86ncksYROkNm5_Vs6fBMLvve4mxvJo6KNjCWQCWCE5qqa1tES_fNCesuelDRogd5RSQBLRoleg6aX0TgZp-kZMbdlGh-7mn72tv0YO3PXLVOMUTbgS1W2vxhbevG2oExN8ACRUJJPzvDYhO4DWOuVr_5je9hyfIE7YvqKZy_veXwX7U8jSv2IgvaZjFh0DNlw
refresh_token
JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4
scope
openid
token_type
bearer
2022-11-28 05:28:09 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:28:09 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
GoXu4n9WUkslveH8fBIDNPykXb9cT5T9Eyen5mM4sKo.wu7DFlJBU7nTmZV9WfTSilMmKYDqWIYchIhRJqs8aheh9jDlh0ykqnRjbt61--HQxAfrsoDUPf00w2gJx7DBXg.M18xNjY5NjEzMjg5XzE4
2022-11-28 05:28:09 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
GoXu4n9WUkslveH8fBIDNPykXb9cT5T9Eyen5mM4sKo.wu7DFlJBU7nTmZV9WfTSilMmKYDqWIYchIhRJqs8aheh9jDlh0ykqnRjbt61--HQxAfrsoDUPf00w2gJx7DBXg.M18xNjY5NjEzMjg5XzE4
type
bearer
2022-11-28 05:28:09 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 05:28:09 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 05:28:09 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4
2022-11-28 05:28:09 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJOeVhRNVhDSnFpNEJPN0JoRXRoNW1BIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ4OSwiaWF0IjoxNjY5NjEzMjg5LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJkMWM2ZWFhYi0wZTdjLTQ5YjktYjcwZC02MDNhODNiOTdhZDciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiUEpkNmNndFVycyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiY2R5b3NtaDEwc3R6eGJfUGRjblliUSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.OomGo5MIrqxKQEdl4NIh0N6W3bEnBpBvSeD-Lub9xYH9sZz9Oqm02-BojNPyEvC28VvjtnzbnKYor-cMp3dCTarmXUqXn4L-MZjBPOvt1cCkbS8QFqMwbDFPbnVlIVgKR2lXTfL2HQqqLChAzqnLI86ncksYROkNm5_Vs6fBMLvve4mxvJo6KNjCWQCWCE5qqa1tES_fNCesuelDRogd5RSQBLRoleg6aX0TgZp-kZMbdlGh-7mn72tv0YO3PXLVOMUTbgS1W2vxhbevG2oExN8ACRUJJPzvDYhO4DWOuVr_5je9hyfIE7YvqKZy_veXwX7U8jSv2IgvaZjFh0DNlw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "NyXQ5XCJqi4BO7BhEth5mA",
  "sub": "6160017N67",
  "rat": 1669613285,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "PJd6cgtUrs",
  "rt_hash": "cdyosmh10stzxb_PdcnYbQ",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "s_hash": "HpOiF9m2BaYq2_XG5Y9Wkg",
  "auth_time": 1669613033,
  "name": "ISV Dev",
  "exp": 1669620489,
  "iat": 1669613289,
  "jti": "d1c6eaab-0e7c-49b9-b70d-603a83b97ad7"
}
2022-11-28 05:28:09 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:28:09
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:28:09
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:28:09
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:28:09
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:28:09
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 05:28:09
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:28:09 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:28:09 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
PJd6cgtUrs
2022-11-28 05:28:09 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:28:09 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJOeVhRNVhDSnFpNEJPN0JoRXRoNW1BIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ4OSwiaWF0IjoxNjY5NjEzMjg5LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJkMWM2ZWFhYi0wZTdjLTQ5YjktYjcwZC02MDNhODNiOTdhZDciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiUEpkNmNndFVycyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiY2R5b3NtaDEwc3R6eGJfUGRjblliUSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.OomGo5MIrqxKQEdl4NIh0N6W3bEnBpBvSeD-Lub9xYH9sZz9Oqm02-BojNPyEvC28VvjtnzbnKYor-cMp3dCTarmXUqXn4L-MZjBPOvt1cCkbS8QFqMwbDFPbnVlIVgKR2lXTfL2HQqqLChAzqnLI86ncksYROkNm5_Vs6fBMLvve4mxvJo6KNjCWQCWCE5qqa1tES_fNCesuelDRogd5RSQBLRoleg6aX0TgZp-kZMbdlGh-7mn72tv0YO3PXLVOMUTbgS1W2vxhbevG2oExN8ACRUJJPzvDYhO4DWOuVr_5je9hyfIE7YvqKZy_veXwX7U8jSv2IgvaZjFh0DNlw
2022-11-28 05:28:09 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJOeVhRNVhDSnFpNEJPN0JoRXRoNW1BIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ4OSwiaWF0IjoxNjY5NjEzMjg5LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJkMWM2ZWFhYi0wZTdjLTQ5YjktYjcwZC02MDNhODNiOTdhZDciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiUEpkNmNndFVycyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiY2R5b3NtaDEwc3R6eGJfUGRjblliUSIsInNfaGFzaCI6IkhwT2lGOW0yQmFZcTJfWEc1WTlXa2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.OomGo5MIrqxKQEdl4NIh0N6W3bEnBpBvSeD-Lub9xYH9sZz9Oqm02-BojNPyEvC28VvjtnzbnKYor-cMp3dCTarmXUqXn4L-MZjBPOvt1cCkbS8QFqMwbDFPbnVlIVgKR2lXTfL2HQqqLChAzqnLI86ncksYROkNm5_Vs6fBMLvve4mxvJo6KNjCWQCWCE5qqa1tES_fNCesuelDRogd5RSQBLRoleg6aX0TgZp-kZMbdlGh-7mn72tv0YO3PXLVOMUTbgS1W2vxhbevG2oExN8ACRUJJPzvDYhO4DWOuVr_5je9hyfIE7YvqKZy_veXwX7U8jSv2IgvaZjFh0DNlw
2022-11-28 05:28:09 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:28:09
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:28:09 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:28:09 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-28 05:28:09 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4
2022-11-28 05:28:09 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 05:28:09 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-28 05:28:09 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4
2022-11-28 05:28:09 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4
scope
openid
2022-11-28 05:28:09 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
88c15784-3dfd-4df3-b296-01cddb07b9be
sub
88c15784-3dfd-4df3-b296-01cddb07b9be
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
dUOn4MIeHguIiOtkOxOu
iat
1669613289
exp
1669613349
2022-11-28 05:28:09 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzQ5LCJpYXQiOjE2Njk2MTMyODksImp0aSI6ImRVT240TUllSGd1SWlPdGtPeE91In0.Ik1WYkyAb2elqpjHTODCH_lL55YaxEqIFfgRXWpW6wJdOYIRVp2CWC05gAUKPA9vsDbRPiuQ_jrrtpXCa6GOtTeHeZH8wuSZ8QaNcfc7GT_uftC4b84EJXsUCXa4tXDT1NuAsQWVKwcoUUCjASqETzMVMhBTfpUKWkk7Mz4Czmy6PLwQr3sb0n4BS2YbCQ3WVo9VSa6atUjmGhTNuRtm0POQRrLzrDCqckO3sQ3cOrGZkGQ90u8MyiGh8s0w0z_1J92N7MA_n0GLe_EM1MFT9a0_WZi8PTrfHJCE8mrqXSYRVTcU___fG7-AJcv2PfWkzEsosGqG6bmUTzoop6FUUg
2022-11-28 05:28:09
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzQ5LCJpYXQiOjE2Njk2MTMyODksImp0aSI6ImRVT240TUllSGd1SWlPdGtPeE91In0.Ik1WYkyAb2elqpjHTODCH_lL55YaxEqIFfgRXWpW6wJdOYIRVp2CWC05gAUKPA9vsDbRPiuQ_jrrtpXCa6GOtTeHeZH8wuSZ8QaNcfc7GT_uftC4b84EJXsUCXa4tXDT1NuAsQWVKwcoUUCjASqETzMVMhBTfpUKWkk7Mz4Czmy6PLwQr3sb0n4BS2YbCQ3WVo9VSa6atUjmGhTNuRtm0POQRrLzrDCqckO3sQ3cOrGZkGQ90u8MyiGh8s0w0z_1J92N7MA_n0GLe_EM1MFT9a0_WZi8PTrfHJCE8mrqXSYRVTcU___fG7-AJcv2PfWkzEsosGqG6bmUTzoop6FUUg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:28:09 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 05:28:10 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 05:28:10
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=JkCravSY-W7am-EQxt7vXPPI97FQSKvkQex-i8zt5gI.5ampPNaWuLOlkRB0pAXhUCPMTGq_ZwgOXaZ0j72IEj4hd_2kA0Yu3rEkvHB3EHhdYHQPjIQeFpvAdA7EqtFVOg.M18xNjY5NjEzMjg5XzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzQ5LCJpYXQiOjE2Njk2MTMyODksImp0aSI6ImRVT240TUllSGd1SWlPdGtPeE91In0.Ik1WYkyAb2elqpjHTODCH_lL55YaxEqIFfgRXWpW6wJdOYIRVp2CWC05gAUKPA9vsDbRPiuQ_jrrtpXCa6GOtTeHeZH8wuSZ8QaNcfc7GT_uftC4b84EJXsUCXa4tXDT1NuAsQWVKwcoUUCjASqETzMVMhBTfpUKWkk7Mz4Czmy6PLwQr3sb0n4BS2YbCQ3WVo9VSa6atUjmGhTNuRtm0POQRrLzrDCqckO3sQ3cOrGZkGQ90u8MyiGh8s0w0z_1J92N7MA_n0GLe_EM1MFT9a0_WZi8PTrfHJCE8mrqXSYRVTcU___fG7-AJcv2PfWkzEsosGqG6bmUTzoop6FUUg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:28:10 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK31f6b404-25ca-4b7a-81e2-5ef69213a546",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446ea37424fc1",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 05:28:10 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:0gOgCtAPnhR7bF9ukh4qR6J7l4MuVdv221EGP9hT2KE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d0C5926F79EE5C7BCBE02F5BC8AE0F850~-1~YAAQJHYGFxTa+4SEAQAA5AS1vAja9RMmIsb6IWvnFPDz/tSYEpsOTamaGeuVBNKqa6IlXkqDSvmzKwVwLqmoepvpXt/SBDghNQEr6oqp2o+AIq6EKnFQGYSXefld0W/mutiDbbqMw0AwHXmZr449+4XUgicDi7P2FAfpPSXwPpzGEuMqVCMHEvDi2MdMWcRBKJt8NCrwNE5h3hwu1nqwyVL6pTUWTnWvsh1hkbdWMxEKPGx0TPPI28Zo1pc7spJ1SE9RDLLK3otIwOTPhKIyXX8zVxyQy6fELPqf8rRfkLoHxKcG3IPbyIcYiLM6F58ztkczhw5NA22TigGp61BdvN8252KrBQiSFxd3RhnYcGSGqETRsYY0qhXlQYtN2/GMUpLlLbE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:10 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d6547284E25FEE412D8742A81B2E0A0B6~YAAQJHYGFxXa+4SEAQAA5AS1vBFoGaISHuAdv2b2f1vj+Ul4QzYOySTzvhBS4WYaruY34XSdee4XEjAomsPHPOrRREEIyZQHqLWGfVqUfCgUiGHuraj7tTlOuQI5d/B2XNIpAaqMR/FnAva1DuEDndOodDh6J6lOivv1TpIHWj3pS3OOYvYN0BrelpzmPH7Xz4G4eDYPBFYKZgYrxwGG57doDJEv3/PHv1Ri6FG8JH+qA48Mwl9jcIft8Ze6Y2SAXoejdR8tTau6B3MDWuqX9fiI5lpGRQigqLlOWyvGDOw0+Oz5JG0+11QmV140~3225653~3424580; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:10 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d135",
    "origin; dur\u003d188"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"7fAtIr3ro3PqziYQKxCkQw5TDhZ9QIjBQjkdoloU_vc.JszarLgsDciIGpjlytoiGMPSlzd3igDPlWcXJ20aTA0WhmzYVEtsSIWGSFM6ppoFTO7FoHsS4TBhyl0gSEIi2g.M18xNjY5NjEzMjkwXzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJscGlmd1Z5VmV3MnBudjRVd2o2UnVBIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5MCwiaWF0IjoxNjY5NjEzMjkwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI0YjlmYzg4NS1mNDIzLTQ4YzQtYmNhMi00NDUxYmU1ZTlhNDIiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiaDhLM0MyT3p1S0xQY1BwYm9oTFYzZyIsInN1YiI6IjYxNjAwMTdONjcifQ.ggAQt_Idc5z_EHrQf9-pvE9TgjEuMquHAbg4eweuClFrGT3ixXE6JYtfIO2XG4mE-mWdzuV6QCWw-QLBRkb3alm8266cJl68j1B3dZ34y1wLWNlBH0k9-QobHtFCX68p-quBPP9zQBMu5KUkUdTFY1HhqURgbx9Dqx9HGEzGFDTv-SokG7DrthESw6PmqvH8z6RmyWqLTECR4aSmDsb19GxiYnAwVRyhfAMrI00df6qTQ1-r7XwDWcnHzgqSD7m89r9QZoyU_besE5tPIs9F5HCGO15fjruH_wdM5sta0NVAj7RfG1zo0j2--8Rw05fXFjbXiv5kslrTZiGvpaXpZg","refresh_token":"cPQP-FJA5OyUJCk0pExhr7WtazoLdHaJ1p18udx7kgY.TffYFI8sTIGAoVfSv2an737Ig0aAKfDnycNArb7I8vxnGcgYKrQ3lBjW6cDRdKBTOiylBQ4773fEMC8cuxLsEQ.M18xNjY5NjEzMjkwXzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:28:10 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
7fAtIr3ro3PqziYQKxCkQw5TDhZ9QIjBQjkdoloU_vc.JszarLgsDciIGpjlytoiGMPSlzd3igDPlWcXJ20aTA0WhmzYVEtsSIWGSFM6ppoFTO7FoHsS4TBhyl0gSEIi2g.M18xNjY5NjEzMjkwXzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJscGlmd1Z5VmV3MnBudjRVd2o2UnVBIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5MCwiaWF0IjoxNjY5NjEzMjkwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI0YjlmYzg4NS1mNDIzLTQ4YzQtYmNhMi00NDUxYmU1ZTlhNDIiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiaDhLM0MyT3p1S0xQY1BwYm9oTFYzZyIsInN1YiI6IjYxNjAwMTdONjcifQ.ggAQt_Idc5z_EHrQf9-pvE9TgjEuMquHAbg4eweuClFrGT3ixXE6JYtfIO2XG4mE-mWdzuV6QCWw-QLBRkb3alm8266cJl68j1B3dZ34y1wLWNlBH0k9-QobHtFCX68p-quBPP9zQBMu5KUkUdTFY1HhqURgbx9Dqx9HGEzGFDTv-SokG7DrthESw6PmqvH8z6RmyWqLTECR4aSmDsb19GxiYnAwVRyhfAMrI00df6qTQ1-r7XwDWcnHzgqSD7m89r9QZoyU_besE5tPIs9F5HCGO15fjruH_wdM5sta0NVAj7RfG1zo0j2--8Rw05fXFjbXiv5kslrTZiGvpaXpZg
refresh_token
cPQP-FJA5OyUJCk0pExhr7WtazoLdHaJ1p18udx7kgY.TffYFI8sTIGAoVfSv2an737Ig0aAKfDnycNArb7I8vxnGcgYKrQ3lBjW6cDRdKBTOiylBQ4773fEMC8cuxLsEQ.M18xNjY5NjEzMjkwXzE4
scope
openid
token_type
bearer
2022-11-28 05:28:10 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 05:28:10 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 05:28:10 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 05:28:10 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:28:10 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
7fAtIr3ro3PqziYQKxCkQw5TDhZ9QIjBQjkdoloU_vc.JszarLgsDciIGpjlytoiGMPSlzd3igDPlWcXJ20aTA0WhmzYVEtsSIWGSFM6ppoFTO7FoHsS4TBhyl0gSEIi2g.M18xNjY5NjEzMjkwXzE4
type
bearer
2022-11-28 05:28:10 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 05:28:10 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
855.4628036970703
expected
96.0
value
7fAtIr3ro3PqziYQKxCkQw5TDhZ9QIjBQjkdoloU_vc.JszarLgsDciIGpjlytoiGMPSlzd3igDPlWcXJ20aTA0WhmzYVEtsSIWGSFM6ppoFTO7FoHsS4TBhyl0gSEIi2g.M18xNjY5NjEzMjkwXzE4
2022-11-28 05:28:10 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 05:28:10 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 05:28:10 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 05:28:10 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
GoXu4n9WUkslveH8fBIDNPykXb9cT5T9Eyen5mM4sKo.wu7DFlJBU7nTmZV9WfTSilMmKYDqWIYchIhRJqs8aheh9jDlh0ykqnRjbt61--HQxAfrsoDUPf00w2gJx7DBXg.M18xNjY5NjEzMjg5XzE4
second_access_token
7fAtIr3ro3PqziYQKxCkQw5TDhZ9QIjBQjkdoloU_vc.JszarLgsDciIGpjlytoiGMPSlzd3igDPlWcXJ20aTA0WhmzYVEtsSIWGSFM6ppoFTO7FoHsS4TBhyl0gSEIi2g.M18xNjY5NjEzMjkwXzE4
2022-11-28 05:28:10 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJscGlmd1Z5VmV3MnBudjRVd2o2UnVBIiwiYXVkIjpbIjg4YzE1Nzg0LTNkZmQtNGRmMy1iMjk2LTAxY2RkYjA3YjliZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5MCwiaWF0IjoxNjY5NjEzMjkwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI0YjlmYzg4NS1mNDIzLTQ4YzQtYmNhMi00NDUxYmU1ZTlhNDIiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjg1LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiaDhLM0MyT3p1S0xQY1BwYm9oTFYzZyIsInN1YiI6IjYxNjAwMTdONjcifQ.ggAQt_Idc5z_EHrQf9-pvE9TgjEuMquHAbg4eweuClFrGT3ixXE6JYtfIO2XG4mE-mWdzuV6QCWw-QLBRkb3alm8266cJl68j1B3dZ34y1wLWNlBH0k9-QobHtFCX68p-quBPP9zQBMu5KUkUdTFY1HhqURgbx9Dqx9HGEzGFDTv-SokG7DrthESw6PmqvH8z6RmyWqLTECR4aSmDsb19GxiYnAwVRyhfAMrI00df6qTQ1-r7XwDWcnHzgqSD7m89r9QZoyU_besE5tPIs9F5HCGO15fjruH_wdM5sta0NVAj7RfG1zo0j2--8Rw05fXFjbXiv5kslrTZiGvpaXpZg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "lpifwVyVew2pnv4Uwj6RuA",
  "sub": "6160017N67",
  "rat": 1669613285,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "h8K3C2OzuKLPcPpbohLV3g",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "auth_time": 1669613033,
  "name": "ISV Dev",
  "exp": 1669620490,
  "iat": 1669613290,
  "jti": "4b9fc885-f423-48c4-bca2-4451be5e9a42"
}
2022-11-28 05:28:10 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
cPQP-FJA5OyUJCk0pExhr7WtazoLdHaJ1p18udx7kgY.TffYFI8sTIGAoVfSv2an737Ig0aAKfDnycNArb7I8vxnGcgYKrQ3lBjW6cDRdKBTOiylBQ4773fEMC8cuxLsEQ.M18xNjY5NjEzMjkwXzE4
2022-11-28 05:28:10 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 05:28:10 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
859.9761162790475
expected
96.0
value
cPQP-FJA5OyUJCk0pExhr7WtazoLdHaJ1p18udx7kgY.TffYFI8sTIGAoVfSv2an737Ig0aAKfDnycNArb7I8vxnGcgYKrQ3lBjW6cDRdKBTOiylBQ4773fEMC8cuxLsEQ.M18xNjY5NjEzMjkwXzE4
2022-11-28 05:28:10 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669613289,
  "second": 1669613290,
  "note": "Values are expected to be different"
}
aud
{
  "first": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "second": "88c15784-3dfd-4df3-b296-01cddb07b9be",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669613033,
  "second": 1669613033,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-28 05:28:10
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer 7fAtIr3ro3PqziYQKxCkQw5TDhZ9QIjBQjkdoloU_vc.JszarLgsDciIGpjlytoiGMPSlzd3igDPlWcXJ20aTA0WhmzYVEtsSIWGSFM6ppoFTO7FoHsS4TBhyl0gSEIi2g.M18xNjY5NjEzMjkwXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:28:11 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7041c521-3c93-4dda-a787-0585fc103a60",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638446ea21a53ca5",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:28:11 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:lPWV0nsykRFFZFKzhU3uwfCZUwgbX+XpbnuYpjDrfHk\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5FAD2DEAC3F5D372ABCEBE8398A745CE~-1~YAAQJHYGFyLa+4SEAQAAAwa1vAhmHbU0p739FHvYsXyA3wXLk90ThGXyuOdE+Yyq7MFOkghQ9RrELA4NxK7h0TphnpBDZh0QdSPAyMRow0KEy8J5g+m4nHcMAYBwE8KSzRYPQC/WVlj66ef5tGAWgJdTQdyTbAwt6bPP7jtjfGPetrltzmHdCpkXdMjpNOV1huKSx15Hw5ZdtABvg7ArVK58qMQze374xdGLG0xXV0dsBUFydhZYiVKUNbDMSGCAGaIjwhA/HwspmoWrl0Wk4Q2HxuuYmnG4kAKv0p0K+M6PAgf+PJijB6S776nTyQbZ9klUxbtA5JrzjY2Qtnmnh4k2R39oGB3pw8PU86cs4B2LVAjiH1HM2rZAIXfT1wTHkMKBebk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:11 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d03C9A18CC4D3C0C44DE7589E9DA09CD6~YAAQJHYGFyPa+4SEAQAAAwa1vBHWzAwYbstpmkAT9RtwcTMsjn091IqrxCCrgl/s6MOfSKmO13ELi+foNQKHnwt+DInEb6fGiYrxrJhK28F23ikMBEQ7wjS/wImacemlFT2YyMSbgX7I0uOyekig10mof0AGrs8Yv2SvMEU2iuQfpO8J56gqHcWoLznfzlVtMhZPJ+4XDACCyexqfAiWq/lynCWgF4ArNK3pzOH7Jz+CJWlpaa0/h+iRAGJkYt4KpHA6opZzIX+Ptt7x2Xe7ZeqgDQ49rLmKyNGkslKLtY/XvKRiu8KIuJtAEIDw~3225653~3424580; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:10 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d121"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["88c15784-3dfd-4df3-b296-01cddb07b9be"],"auth_time":1669613033,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669613285,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:28:11 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7041c521-3c93-4dda-a787-0585fc103a60",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638446ea21a53ca5",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:28:11 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:lPWV0nsykRFFZFKzhU3uwfCZUwgbX+XpbnuYpjDrfHk\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5FAD2DEAC3F5D372ABCEBE8398A745CE~-1~YAAQJHYGFyLa+4SEAQAAAwa1vAhmHbU0p739FHvYsXyA3wXLk90ThGXyuOdE+Yyq7MFOkghQ9RrELA4NxK7h0TphnpBDZh0QdSPAyMRow0KEy8J5g+m4nHcMAYBwE8KSzRYPQC/WVlj66ef5tGAWgJdTQdyTbAwt6bPP7jtjfGPetrltzmHdCpkXdMjpNOV1huKSx15Hw5ZdtABvg7ArVK58qMQze374xdGLG0xXV0dsBUFydhZYiVKUNbDMSGCAGaIjwhA/HwspmoWrl0Wk4Q2HxuuYmnG4kAKv0p0K+M6PAgf+PJijB6S776nTyQbZ9klUxbtA5JrzjY2Qtnmnh4k2R39oGB3pw8PU86cs4B2LVAjiH1HM2rZAIXfT1wTHkMKBebk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:11 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d03C9A18CC4D3C0C44DE7589E9DA09CD6~YAAQJHYGFyPa+4SEAQAAAwa1vBHWzAwYbstpmkAT9RtwcTMsjn091IqrxCCrgl/s6MOfSKmO13ELi+foNQKHnwt+DInEb6fGiYrxrJhK28F23ikMBEQ7wjS/wImacemlFT2YyMSbgX7I0uOyekig10mof0AGrs8Yv2SvMEU2iuQfpO8J56gqHcWoLznfzlVtMhZPJ+4XDACCyexqfAiWq/lynCWgF4ArNK3pzOH7Jz+CJWlpaa0/h+iRAGJkYt4KpHA6opZzIX+Ptt7x2Xe7ZeqgDQ49rLmKyNGkslKLtY/XvKRiu8KIuJtAEIDw~3225653~3424580; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:10 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d121"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["88c15784-3dfd-4df3-b296-01cddb07b9be"],"auth_time":1669613033,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669613285,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:28:11 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-11-28 05:28:11 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
bc461ba4-7259-47fe-a448-308743221fd4
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 05:28:11
CreateRandomStateValue
Created state value
requested_state_length
10
state
ldgQGENajN
2022-11-28 05:28:11 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
bc461ba4-7259-47fe-a448-308743221fd4
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
ldgQGENajN
2022-11-28 05:28:11
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
lD4ixfAEcX
2022-11-28 05:28:11 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
bc461ba4-7259-47fe-a448-308743221fd4
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
ldgQGENajN
nonce
lD4ixfAEcX
2022-11-28 05:28:11 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
bc461ba4-7259-47fe-a448-308743221fd4
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
ldgQGENajN
nonce
lD4ixfAEcX
response_type
code id_token
2022-11-28 05:28:11 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 05:28:11 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "bc461ba4-7259-47fe-a448-308743221fd4",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "ldgQGENajN",
  "nonce": "lD4ixfAEcX",
  "response_type": "code id_token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=bc461ba4-7259-47fe-a448-308743221fd4&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=ldgQGENajN&nonce=lD4ixfAEcX&response_type=code%20id_token
2022-11-28 05:28:11 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=bc461ba4-7259-47fe-a448-308743221fd4&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=ldgQGENajN&nonce=lD4ixfAEcX&response_type=code%20id_token
2022-11-28 05:28:17 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:28:17 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/eRtmBUM9947WnS4QaDDu",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/eRtmBUM9947WnS4QaDDu"
}
2022-11-28 05:28:17 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance nO4BA065gJm0PZr
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/eRtmBUM9947WnS4QaDDu, returnUrl=/log-detail.html?log=nO4BA065gJm0PZr}]
outgoing_path
callback
2022-11-28 05:28:18 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/eRtmBUM9947WnS4QaDDu
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "1278"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/eRtmBUM9947WnS4QaDDu
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#code=ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&state=ldgQGENajN
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:28:18 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance nO4BA065gJm0PZr
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/eRtmBUM9947WnS4QaDDu
2022-11-28 05:28:18
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "state",
    "value": "ldgQGENajN"
  }
]
2022-11-28 05:28:18 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
state
ldgQGENajN
2022-11-28 05:28:18 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "ldgQGENajN"
}
post_body
Second client: Verify authorization endpoint response
2022-11-28 05:28:18 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 05:28:18 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 05:28:18 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 05:28:18 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 05:28:18 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 05:28:18 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
ldgQGENajN
2022-11-28 05:28:18 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug
2022-11-28 05:28:18 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "sub": "6160017N67",
  "rat": 1669613293,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "lD4ixfAEcX",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "bc461ba4-7259-47fe-a448-308743221fd4",
  "c_hash": "LJfOvxVy_n3BDXcxk3HJBg",
  "s_hash": "J6R95v0KzSgZp5VLh-ErMA",
  "auth_time": 1669613033,
  "name": "ISV Dev",
  "exp": 1669620497,
  "iat": 1669613297,
  "jti": "beb46794-2e6f-42f1-a9d5-9de3f7c346e6"
}
2022-11-28 05:28:18 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
lD4ixfAEcX
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiXSwiYXV0aF90aW1lIjoxNjY5NjEzMDMzLCJjX2hhc2giOiJMSmZPdnhWeV9uM0JEWGN4azNISkJnIiwiZXhwIjoxNjY5NjIwNDk3LCJpYXQiOjE2Njk2MTMyOTcsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImJlYjQ2Nzk0LTJlNmYtNDJmMS1hOWQ1LTlkZTNmN2MzNDZlNiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJsRDRpeGZBRWNYIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTMyOTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.HXdJxntEeqexGCsrbK4FPa9RDjCjLSq-0hr_4UNKjeYUyMHUP7b9twtfRzu0Kr0mfl_PxvON9Fi6O6pWKjP0ITgSTgIScfZQS7DgS07thp0-Pn-t0OkqE0AbajM_boawagccOgwNxAUpuCbBSFic8hOT03cGqgxi-5zBcDzYmhxYq1vguzihuLoHZQg4EXVTUvEiOMXmYP-SyCGiJTqPsYdysihDHSdrVc6m15R3Kr0guI8LqnUurSphe1Wwdckx1bg0MXpxRmRzVg15R4h1Yh6WexIzBTHJgmTkDC2OE3F3rtKCAc9w3z5-gmp0q_ksGuCLKzDOlU2npdJXrKN_-w
2022-11-28 05:28:18 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:28:18
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:28:18 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:28:18 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:28:18 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
bc461ba4-7259-47fe-a448-308743221fd4
sub
bc461ba4-7259-47fe-a448-308743221fd4
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
YWmh3b2BjIz149xbAFZ1
iat
1669613298
exp
1669613358
2022-11-28 05:28:18 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiYmM0NjFiYTQtNzI1OS00N2ZlLWE0NDgtMzA4NzQzMjIxZmQ0IiwiZXhwIjoxNjY5NjEzMzU4LCJpYXQiOjE2Njk2MTMyOTgsImp0aSI6IllXbWgzYjJCakl6MTQ5eGJBRloxIn0.DYRPJ6tjURkVLfUhvIthGVJz3VcfyGwsh1TWmqWEVATjX8C4tT-XBSg1HYkBHQTE2FvQbqH7FHnTEmvlSP5U4gGhr0OZBXNEG5YY47Eir7_dpbc2BvJzVhqPDfbIBh-ATUAJjmJEeFIySoUmxsb733a6LEnvXvBU0ZGK1__0AfK8O5_zPST8h7d0tmsjfQx2TH6WXsDzkVHbC0g7mWJknZXMuj6q5CYLWQYdvW2oZURCn13kGLUH-5cwgC3NiGbwwlyIvR6HxNzkaIxbFMY6N39QeKX18fIAr0HWTMOrlo4xYbD69Fiq00VZOyXEZoOeSXJ6qnHf_kW7VIh9PThTvw
2022-11-28 05:28:18
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiYmM0NjFiYTQtNzI1OS00N2ZlLWE0NDgtMzA4NzQzMjIxZmQ0IiwiZXhwIjoxNjY5NjEzMzU4LCJpYXQiOjE2Njk2MTMyOTgsImp0aSI6IllXbWgzYjJCakl6MTQ5eGJBRloxIn0.DYRPJ6tjURkVLfUhvIthGVJz3VcfyGwsh1TWmqWEVATjX8C4tT-XBSg1HYkBHQTE2FvQbqH7FHnTEmvlSP5U4gGhr0OZBXNEG5YY47Eir7_dpbc2BvJzVhqPDfbIBh-ATUAJjmJEeFIySoUmxsb733a6LEnvXvBU0ZGK1__0AfK8O5_zPST8h7d0tmsjfQx2TH6WXsDzkVHbC0g7mWJknZXMuj6q5CYLWQYdvW2oZURCn13kGLUH-5cwgC3NiGbwwlyIvR6HxNzkaIxbFMY6N39QeKX18fIAr0HWTMOrlo4xYbD69Fiq00VZOyXEZoOeSXJ6qnHf_kW7VIh9PThTvw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:28:18
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=ywo-uTgw5iEnIQcthsofAhfZOsLdT2uY5oXpvEiHhuk.xhFhnwXfDhfIWkqTk3SlpATJZgst9lePYA9jze3KYJlxKYKOPvS2L9z91aYQTOLwkpfx9WrPF8r_jOo7Etn3Ug&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiYmM0NjFiYTQtNzI1OS00N2ZlLWE0NDgtMzA4NzQzMjIxZmQ0IiwiZXhwIjoxNjY5NjEzMzU4LCJpYXQiOjE2Njk2MTMyOTgsImp0aSI6IllXbWgzYjJCakl6MTQ5eGJBRloxIn0.DYRPJ6tjURkVLfUhvIthGVJz3VcfyGwsh1TWmqWEVATjX8C4tT-XBSg1HYkBHQTE2FvQbqH7FHnTEmvlSP5U4gGhr0OZBXNEG5YY47Eir7_dpbc2BvJzVhqPDfbIBh-ATUAJjmJEeFIySoUmxsb733a6LEnvXvBU0ZGK1__0AfK8O5_zPST8h7d0tmsjfQx2TH6WXsDzkVHbC0g7mWJknZXMuj6q5CYLWQYdvW2oZURCn13kGLUH-5cwgC3NiGbwwlyIvR6HxNzkaIxbFMY6N39QeKX18fIAr0HWTMOrlo4xYbD69Fiq00VZOyXEZoOeSXJ6qnHf_kW7VIh9PThTvw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:28:18 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKdf51c4ce-6afa-45ac-84eb-3dc8d29462a0",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446f221a522b5",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 05:28:18 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:zEUr80mN64ixUphDiZA+dIo1kH0l3rq54MfJqHSc/uo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dF9FB7A179883E10619AA3DDF3645DB59~-1~YAAQXXYGF80644SEAQAAtSS1vAhvlOjYM4yRP7pu3tIwYDx+TNgq5zQt+XmnccGMmnUFNJwDF6EhG26eYaRcC0aFi4fa4mE9dQB2ygF6gT59sp/EuVTwcNawhJTZjq5UbXUIAHuMBEPnW4nJgp1gGcZJ+KwSiplcnEgXvYJptmHdopyzDu5xHTu63AJOqRVLNuoZsPBPp0iMXLxhoGKpmUj8T7quvlaumbXojWPONxLLG/jpVIFQd+MT6B8schLlMlZ5DFy32H3tZR8Vfc/cezBx7P8H29+9Hk6F3DdXQLcrke87nqbfrQVLXD5xfQXR/41V8N5K5aRLkz6c55HAdSrrHRMoa0d66oTh+0S4Fzozg6MJ5jLA8lO4TMQ89zsFDWjHWD0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:18 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d7A6F7115867DA171DB21DE1BA6CED1D1~YAAQXXYGF84644SEAQAAtSS1vBFAGwmUJX7zM60/zrFojo1we19U89uAMjLmgq6wJHZzBVOoenn+qQZDZA3KjGRyBj50KzBGJdhEPMmgvFqB2cZOmJ+toEn3fE+TFcVVCIFzBI2K5QtCNXbJ7EU36h8rRZyururTkNbgeR630x35ipjb/jw4FOVrfbN3kTS1i+LMM17gQ6N4AYOv63HahnkvZJMnfOKSwHqFtiSyiqsa/siBri3Vw/VGhYsHj0Iq1CBMZwFKLJShlXysK+woFHPZ6oFk4a1kFPrxzd0fvL17Sc36gsq4QU4e5O9m~4273461~3491124; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:18 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d133",
    "origin; dur\u003d402"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"YaMR0IFCgPr-sBe8yeGBg1-qcncjB1nT8IVmZKuwnL8.aiUtlf_XVs3yMuJ3JqAFaARk_KXJ45NGrOjpCtOrZQwcCfpspciisrO6-JIybsTGS88GncYXu8qWpsKMN85-LA.M18xNjY5NjEzMjk4XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJSY2RoNUxCdWRINTRSTW9MMzZZd0RBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5OCwiaWF0IjoxNjY5NjEzMjk4LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzE4NmYwMS04YjYwLTRmN2YtYWRkZC00NTQ0YWZkODE1NjYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoibEQ0aXhmQUVjWCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieTVYTmhRYTRnSjN4NkwwSXFNZEVTZyIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.YeLehZT7oOSa8uowyu5iLqghVnbOd7BtA0EQE4aXSoGksiBYvwrjiEkEP9OwOjqamtcKaI-MXSQMZXuudd180DaSdzR3cBmG8r9w8OVuui2fg_9XHltlDtbn_wb527KrHekI40dSvajgjwvt-deqYCbVwCu3DSL79kxTnX8h5X8TfUAT0Bv15m_fntuDLdi8UtfMWgoW5XBpV9wYVwb52iX_deQhh41NrwCoNG5tN99ojkve9VNUZq5x8W2YySV1toCvNi055hNvaGqHIn_FobCuYeVS_Ouo3Zf83aDSKvci7KRwAGTe9gmlsxUoJlG6fQx9lUgkYc8hz2jEpeb7yA","refresh_token":"z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:28:18 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
YaMR0IFCgPr-sBe8yeGBg1-qcncjB1nT8IVmZKuwnL8.aiUtlf_XVs3yMuJ3JqAFaARk_KXJ45NGrOjpCtOrZQwcCfpspciisrO6-JIybsTGS88GncYXu8qWpsKMN85-LA.M18xNjY5NjEzMjk4XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJSY2RoNUxCdWRINTRSTW9MMzZZd0RBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5OCwiaWF0IjoxNjY5NjEzMjk4LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzE4NmYwMS04YjYwLTRmN2YtYWRkZC00NTQ0YWZkODE1NjYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoibEQ0aXhmQUVjWCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieTVYTmhRYTRnSjN4NkwwSXFNZEVTZyIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.YeLehZT7oOSa8uowyu5iLqghVnbOd7BtA0EQE4aXSoGksiBYvwrjiEkEP9OwOjqamtcKaI-MXSQMZXuudd180DaSdzR3cBmG8r9w8OVuui2fg_9XHltlDtbn_wb527KrHekI40dSvajgjwvt-deqYCbVwCu3DSL79kxTnX8h5X8TfUAT0Bv15m_fntuDLdi8UtfMWgoW5XBpV9wYVwb52iX_deQhh41NrwCoNG5tN99ojkve9VNUZq5x8W2YySV1toCvNi055hNvaGqHIn_FobCuYeVS_Ouo3Zf83aDSKvci7KRwAGTe9gmlsxUoJlG6fQx9lUgkYc8hz2jEpeb7yA
refresh_token
z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4
scope
openid
token_type
bearer
2022-11-28 05:28:18 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:28:18 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
YaMR0IFCgPr-sBe8yeGBg1-qcncjB1nT8IVmZKuwnL8.aiUtlf_XVs3yMuJ3JqAFaARk_KXJ45NGrOjpCtOrZQwcCfpspciisrO6-JIybsTGS88GncYXu8qWpsKMN85-LA.M18xNjY5NjEzMjk4XzE4
2022-11-28 05:28:18 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
YaMR0IFCgPr-sBe8yeGBg1-qcncjB1nT8IVmZKuwnL8.aiUtlf_XVs3yMuJ3JqAFaARk_KXJ45NGrOjpCtOrZQwcCfpspciisrO6-JIybsTGS88GncYXu8qWpsKMN85-LA.M18xNjY5NjEzMjk4XzE4
type
bearer
2022-11-28 05:28:18 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 05:28:18 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 05:28:18 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4
2022-11-28 05:28:18 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJSY2RoNUxCdWRINTRSTW9MMzZZd0RBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5OCwiaWF0IjoxNjY5NjEzMjk4LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzE4NmYwMS04YjYwLTRmN2YtYWRkZC00NTQ0YWZkODE1NjYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoibEQ0aXhmQUVjWCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieTVYTmhRYTRnSjN4NkwwSXFNZEVTZyIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.YeLehZT7oOSa8uowyu5iLqghVnbOd7BtA0EQE4aXSoGksiBYvwrjiEkEP9OwOjqamtcKaI-MXSQMZXuudd180DaSdzR3cBmG8r9w8OVuui2fg_9XHltlDtbn_wb527KrHekI40dSvajgjwvt-deqYCbVwCu3DSL79kxTnX8h5X8TfUAT0Bv15m_fntuDLdi8UtfMWgoW5XBpV9wYVwb52iX_deQhh41NrwCoNG5tN99ojkve9VNUZq5x8W2YySV1toCvNi055hNvaGqHIn_FobCuYeVS_Ouo3Zf83aDSKvci7KRwAGTe9gmlsxUoJlG6fQx9lUgkYc8hz2jEpeb7yA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "Rcdh5LBudH54RMoL36YwDA",
  "sub": "6160017N67",
  "rat": 1669613293,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "lD4ixfAEcX",
  "rt_hash": "y5XNhQa4gJ3x6L0IqMdESg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "bc461ba4-7259-47fe-a448-308743221fd4",
  "s_hash": "J6R95v0KzSgZp5VLh-ErMA",
  "auth_time": 1669613033,
  "name": "ISV Dev",
  "exp": 1669620498,
  "iat": 1669613298,
  "jti": "87186f01-8b60-4f7f-addd-4544afd81566"
}
2022-11-28 05:28:18 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 05:28:18
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
lD4ixfAEcX
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJSY2RoNUxCdWRINTRSTW9MMzZZd0RBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5OCwiaWF0IjoxNjY5NjEzMjk4LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzE4NmYwMS04YjYwLTRmN2YtYWRkZC00NTQ0YWZkODE1NjYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoibEQ0aXhmQUVjWCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieTVYTmhRYTRnSjN4NkwwSXFNZEVTZyIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.YeLehZT7oOSa8uowyu5iLqghVnbOd7BtA0EQE4aXSoGksiBYvwrjiEkEP9OwOjqamtcKaI-MXSQMZXuudd180DaSdzR3cBmG8r9w8OVuui2fg_9XHltlDtbn_wb527KrHekI40dSvajgjwvt-deqYCbVwCu3DSL79kxTnX8h5X8TfUAT0Bv15m_fntuDLdi8UtfMWgoW5XBpV9wYVwb52iX_deQhh41NrwCoNG5tN99ojkve9VNUZq5x8W2YySV1toCvNi055hNvaGqHIn_FobCuYeVS_Ouo3Zf83aDSKvci7KRwAGTe9gmlsxUoJlG6fQx9lUgkYc8hz2jEpeb7yA
2022-11-28 05:28:18 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJSY2RoNUxCdWRINTRSTW9MMzZZd0RBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDQ5OCwiaWF0IjoxNjY5NjEzMjk4LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzE4NmYwMS04YjYwLTRmN2YtYWRkZC00NTQ0YWZkODE1NjYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoibEQ0aXhmQUVjWCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieTVYTmhRYTRnSjN4NkwwSXFNZEVTZyIsInNfaGFzaCI6Iko2Ujk1djBLelNnWnA1VkxoLUVyTUEiLCJzdWIiOiI2MTYwMDE3TjY3In0.YeLehZT7oOSa8uowyu5iLqghVnbOd7BtA0EQE4aXSoGksiBYvwrjiEkEP9OwOjqamtcKaI-MXSQMZXuudd180DaSdzR3cBmG8r9w8OVuui2fg_9XHltlDtbn_wb527KrHekI40dSvajgjwvt-deqYCbVwCu3DSL79kxTnX8h5X8TfUAT0Bv15m_fntuDLdi8UtfMWgoW5XBpV9wYVwb52iX_deQhh41NrwCoNG5tN99ojkve9VNUZq5x8W2YySV1toCvNi055hNvaGqHIn_FobCuYeVS_Ouo3Zf83aDSKvci7KRwAGTe9gmlsxUoJlG6fQx9lUgkYc8hz2jEpeb7yA
2022-11-28 05:28:18 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:28:18
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:28:18 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:28:18 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-28 05:28:18 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4
2022-11-28 05:28:18 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 05:28:18 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-11-28 05:28:18 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4
2022-11-28 05:28:18 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
bc461ba4-7259-47fe-a448-308743221fd4
sub
bc461ba4-7259-47fe-a448-308743221fd4
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
Itb1oOx2PccKYSFROST7
iat
1669613298
exp
1669613358
2022-11-28 05:28:18 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiYmM0NjFiYTQtNzI1OS00N2ZlLWE0NDgtMzA4NzQzMjIxZmQ0IiwiZXhwIjoxNjY5NjEzMzU4LCJpYXQiOjE2Njk2MTMyOTgsImp0aSI6Ikl0YjFvT3gyUGNjS1lTRlJPU1Q3In0.Q1bobhcee9Snv_e0ZU8zCsy-gJ7Jy1PPgFGckLP18SkH2BrGLgWZ7O-cICsEM0YccQw7N7iKowSM5jKx5T7x_Qx30sLqko6uV8sS6tS48tfzaWUr7ryEoK8hJklJaP-4lgiuz1xde66l7IpL8aMFByJ4zP2fLHBUw_KBxn4bovknQVMRtjAuqYyM04SdEXYh0RxrMt0VeXdhS2DJFaWCKLOExjbUiVQOcNbZsyq9uU16a-zHAiG_W9f7B7geNVxvUz05oGbMXrJiBF0DLELEOOahRu93E6HOqdDsnbe2wa4FEeMoTF_PavOwjvtRJy7ensAvEul6lR92bv8U9jV_BQ
2022-11-28 05:28:18
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiYmM0NjFiYTQtNzI1OS00N2ZlLWE0NDgtMzA4NzQzMjIxZmQ0IiwiZXhwIjoxNjY5NjEzMzU4LCJpYXQiOjE2Njk2MTMyOTgsImp0aSI6Ikl0YjFvT3gyUGNjS1lTRlJPU1Q3In0.Q1bobhcee9Snv_e0ZU8zCsy-gJ7Jy1PPgFGckLP18SkH2BrGLgWZ7O-cICsEM0YccQw7N7iKowSM5jKx5T7x_Qx30sLqko6uV8sS6tS48tfzaWUr7ryEoK8hJklJaP-4lgiuz1xde66l7IpL8aMFByJ4zP2fLHBUw_KBxn4bovknQVMRtjAuqYyM04SdEXYh0RxrMt0VeXdhS2DJFaWCKLOExjbUiVQOcNbZsyq9uU16a-zHAiG_W9f7B7geNVxvUz05oGbMXrJiBF0DLELEOOahRu93E6HOqdDsnbe2wa4FEeMoTF_PavOwjvtRJy7ensAvEul6lR92bv8U9jV_BQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:28:18 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 05:28:19 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 05:28:19
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "974"
}
request_body
grant_type=refresh_token&refresh_token=z4rYCfylnB3cH1_JWU1-hAstA9G4k8xu_YSbTLRE3rs.yIYRcH8QuPdYTp0g7uauLnQRrLRW1XJocgHNBH0SPTEx-QtIr-oEgdFkFxoszpvytCttVLkiDq0KJj4G2jESFw.M18xNjY5NjEzMjk4XzE4&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJiYzQ2MWJhNC03MjU5LTQ3ZmUtYTQ0OC0zMDg3NDMyMjFmZDQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiYmM0NjFiYTQtNzI1OS00N2ZlLWE0NDgtMzA4NzQzMjIxZmQ0IiwiZXhwIjoxNjY5NjEzMzU4LCJpYXQiOjE2Njk2MTMyOTgsImp0aSI6Ikl0YjFvT3gyUGNjS1lTRlJPU1Q3In0.Q1bobhcee9Snv_e0ZU8zCsy-gJ7Jy1PPgFGckLP18SkH2BrGLgWZ7O-cICsEM0YccQw7N7iKowSM5jKx5T7x_Qx30sLqko6uV8sS6tS48tfzaWUr7ryEoK8hJklJaP-4lgiuz1xde66l7IpL8aMFByJ4zP2fLHBUw_KBxn4bovknQVMRtjAuqYyM04SdEXYh0RxrMt0VeXdhS2DJFaWCKLOExjbUiVQOcNbZsyq9uU16a-zHAiG_W9f7B7geNVxvUz05oGbMXrJiBF0DLELEOOahRu93E6HOqdDsnbe2wa4FEeMoTF_PavOwjvtRJy7ensAvEul6lR92bv8U9jV_BQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:28:20 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc480fa00-d314-4907-8360-8efa8357c2f8",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446f421a54f45",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 05:28:20 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:A73ZMjhxYL2p+hKM056vwmSXbsfuo4QcPXO8qO6n9gA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d14CAF3F7E787BDCF55BABCA77DFE92F2~-1~YAAQXXYGFwk744SEAQAAHSu1vAgH2Te8TogpRnbzFJMvqVONw996+K7ZgJtpu8GyQruxb/bq5VQz40MdN0+REB4eFh8VmyXLHLX5EBbci5KPo/Lh0fB19E6RwDFVMqn0rleGcJI5EGDcawL5Cod3n7p0sRhYsnJJalKAE4rLF5xtRr+KKgDl/8Y9WbdaEeBg6Uwgm1+lMmvWhKCOeer1J11W9PqA/YOwbSeuZx2xfgreSMB3ZbeHPrp+dffFPP+fs9TR/+dLqZ+wNPc6EniPUSTkzYgLAgHiE9dobQme2RX8ypMT2lqWOoSffWSkIlIJtAre6SbLplHsQOjfCaGElaofiPx/m84gbhO2k8LkI/l6Nh1AQRAmUPuNv65D+M+C0JepzHs\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:20 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB5D130D004EF7CD93D463D6C0F77E027~YAAQXXYGFwo744SEAQAAHSu1vBGgWRPGcrRMsNDlO7CEv3eEHu9B8k4p4QpbRDhPuwis8J7zuM1Fgt3ESeLRA7T+SrtRuP6WaYWwK1tUMhMYHwIkAWuaBqZS85RXHLZ5KEZ9dtP/M4zQlIR/sDzNMXis3DN3YhKd9ilE61yUbS0taGYnP5wA2E4Yev6wVGGt39ey1t4GTcbsqukLR+2HkGckTml+chQKNun71Eoijm+5fUpo+MZ3ESdNRpuAy5+4oKDeHJIfO6J8zJZL2ECGq4yNaQNnXwO9/0F4I5Rz2QUNqIA1YOzVtAzPcxL3~3621953~3556660; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:19 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d119",
    "origin; dur\u003d436"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"nUQwJBlolrZmfV1pQbt5ZQLRDqCrZu7SU0ybJLBiT4c.2bTGpTi22dJV2VjIWt9UHrOE7y0VM24l2IqdCBu1tr4lza4NJhS28NTYiEezBNpmkQHsTTcXQ1Bqhy5qfmfsew.M18xNjY5NjEzMzAwXzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI2czA2RVNycXBHU0NDc2hpYkV4RHZBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDUwMCwiaWF0IjoxNjY5NjEzMzAwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJlM2ZiMzI0Ny03YzlhLTRhNDItYWI0My04OWVjOTVhN2FlZjQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiV0tsaWRFOEVpLUJvRkVncXNEV0JFdyIsInN1YiI6IjYxNjAwMTdONjcifQ.HfYJoXtZZpZ7i_wv6cUdKV69k47jhrD7jNBjqwQHui2I4eUCWDZMkXo3lcetRfmfb8pMb89TU-bPtXfDMelP_5K7Q-mM-9PIQgYkasDAcb-Z1xVGt1MuL6T4j4DYWFoB-9PGXwl5o-1S0spGJG8WSAif-IC-u3gT0WkZd4z5vfKWjhv9kzBPE9lFCXWPspHix6h7rWmtns-oLrY29UR6egUE-4sSrmdAoIQy3POpJzpOOFSRILd2U2-kN9K-vz7UMJvZRP9aaTDCfKAvSCVD17AywplDrwq07Mg35lvoVaKV-T9XlmUOsOVL1ojBK30zgaZdv2KblWeU_HFoNW6B8w","refresh_token":"BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:28:20 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
nUQwJBlolrZmfV1pQbt5ZQLRDqCrZu7SU0ybJLBiT4c.2bTGpTi22dJV2VjIWt9UHrOE7y0VM24l2IqdCBu1tr4lza4NJhS28NTYiEezBNpmkQHsTTcXQ1Bqhy5qfmfsew.M18xNjY5NjEzMzAwXzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI2czA2RVNycXBHU0NDc2hpYkV4RHZBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDUwMCwiaWF0IjoxNjY5NjEzMzAwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJlM2ZiMzI0Ny03YzlhLTRhNDItYWI0My04OWVjOTVhN2FlZjQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiV0tsaWRFOEVpLUJvRkVncXNEV0JFdyIsInN1YiI6IjYxNjAwMTdONjcifQ.HfYJoXtZZpZ7i_wv6cUdKV69k47jhrD7jNBjqwQHui2I4eUCWDZMkXo3lcetRfmfb8pMb89TU-bPtXfDMelP_5K7Q-mM-9PIQgYkasDAcb-Z1xVGt1MuL6T4j4DYWFoB-9PGXwl5o-1S0spGJG8WSAif-IC-u3gT0WkZd4z5vfKWjhv9kzBPE9lFCXWPspHix6h7rWmtns-oLrY29UR6egUE-4sSrmdAoIQy3POpJzpOOFSRILd2U2-kN9K-vz7UMJvZRP9aaTDCfKAvSCVD17AywplDrwq07Mg35lvoVaKV-T9XlmUOsOVL1ojBK30zgaZdv2KblWeU_HFoNW6B8w
refresh_token
BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4
scope
openid
token_type
bearer
2022-11-28 05:28:20 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 05:28:20 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 05:28:20 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 05:28:20 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:28:20 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
nUQwJBlolrZmfV1pQbt5ZQLRDqCrZu7SU0ybJLBiT4c.2bTGpTi22dJV2VjIWt9UHrOE7y0VM24l2IqdCBu1tr4lza4NJhS28NTYiEezBNpmkQHsTTcXQ1Bqhy5qfmfsew.M18xNjY5NjEzMzAwXzE4
type
bearer
2022-11-28 05:28:20 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 05:28:20 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
847.9761162790477
expected
96.0
value
nUQwJBlolrZmfV1pQbt5ZQLRDqCrZu7SU0ybJLBiT4c.2bTGpTi22dJV2VjIWt9UHrOE7y0VM24l2IqdCBu1tr4lza4NJhS28NTYiEezBNpmkQHsTTcXQ1Bqhy5qfmfsew.M18xNjY5NjEzMzAwXzE4
2022-11-28 05:28:20 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 05:28:20 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 05:28:20 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 05:28:20 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
YaMR0IFCgPr-sBe8yeGBg1-qcncjB1nT8IVmZKuwnL8.aiUtlf_XVs3yMuJ3JqAFaARk_KXJ45NGrOjpCtOrZQwcCfpspciisrO6-JIybsTGS88GncYXu8qWpsKMN85-LA.M18xNjY5NjEzMjk4XzE4
second_access_token
nUQwJBlolrZmfV1pQbt5ZQLRDqCrZu7SU0ybJLBiT4c.2bTGpTi22dJV2VjIWt9UHrOE7y0VM24l2IqdCBu1tr4lza4NJhS28NTYiEezBNpmkQHsTTcXQ1Bqhy5qfmfsew.M18xNjY5NjEzMzAwXzE4
2022-11-28 05:28:20 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI2czA2RVNycXBHU0NDc2hpYkV4RHZBIiwiYXVkIjpbImJjNDYxYmE0LTcyNTktNDdmZS1hNDQ4LTMwODc0MzIyMWZkNCJdLCJhdXRoX3RpbWUiOjE2Njk2MTMwMzMsImV4cCI6MTY2OTYyMDUwMCwiaWF0IjoxNjY5NjEzMzAwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJlM2ZiMzI0Ny03YzlhLTRhNDItYWI0My04OWVjOTVhN2FlZjQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEzMjkzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiV0tsaWRFOEVpLUJvRkVncXNEV0JFdyIsInN1YiI6IjYxNjAwMTdONjcifQ.HfYJoXtZZpZ7i_wv6cUdKV69k47jhrD7jNBjqwQHui2I4eUCWDZMkXo3lcetRfmfb8pMb89TU-bPtXfDMelP_5K7Q-mM-9PIQgYkasDAcb-Z1xVGt1MuL6T4j4DYWFoB-9PGXwl5o-1S0spGJG8WSAif-IC-u3gT0WkZd4z5vfKWjhv9kzBPE9lFCXWPspHix6h7rWmtns-oLrY29UR6egUE-4sSrmdAoIQy3POpJzpOOFSRILd2U2-kN9K-vz7UMJvZRP9aaTDCfKAvSCVD17AywplDrwq07Mg35lvoVaKV-T9XlmUOsOVL1ojBK30zgaZdv2KblWeU_HFoNW6B8w
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "6s06ESrqpGSCCshibExDvA",
  "sub": "6160017N67",
  "rat": 1669613293,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "WKlidE8Ei-BoFEgqsDWBEw",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "bc461ba4-7259-47fe-a448-308743221fd4",
  "auth_time": 1669613033,
  "name": "ISV Dev",
  "exp": 1669620500,
  "iat": 1669613300,
  "jti": "e3fb3247-7c9a-4a42-ab43-89ec95a7aef4"
}
2022-11-28 05:28:20 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4
2022-11-28 05:28:20 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 05:28:20 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
854.5472852719946
expected
96.0
value
BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4
2022-11-28 05:28:20 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669613298,
  "second": 1669613300,
  "note": "Values are expected to be different"
}
aud
{
  "first": "bc461ba4-7259-47fe-a448-308743221fd4",
  "second": "bc461ba4-7259-47fe-a448-308743221fd4",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669613033,
  "second": 1669613033,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2022-11-28 05:28:20
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer nUQwJBlolrZmfV1pQbt5ZQLRDqCrZu7SU0ybJLBiT4c.2bTGpTi22dJV2VjIWt9UHrOE7y0VM24l2IqdCBu1tr4lza4NJhS28NTYiEezBNpmkQHsTTcXQ1Bqhy5qfmfsew.M18xNjY5NjEzMzAwXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:28:20 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK6eea5a58-fac7-42f9-95f7-cd4613d4f5de",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638446f4374272a1",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:28:20 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:hPp84Ym4Iy9mAZ3vTFfiinpBZixDkQQtZVRw33TI4AU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1EA9F6C0AF7F75DDE18B919E8B944612~-1~YAAQXXYGFxk744SEAQAAXSy1vAiIMJDymmkcpb80fr/EnSM0LPasyUkQN2l7xwtBWCPI3qyiPDYw2hzDVSl9ojYFXbQgbYY8eNwvTuxyoBQil+Pgu/gvk/ZAPfr/n0KSNXCSGZwZSOukl8u0V9f2be+NTvYZLVR72T/7opm1QXdE8Xvl1zxBfXAy6jFW/Xl30U1F4+JXmU26iyarvhDJVcYSYxnXh9Ee8SONzDN4YPge56TKCkTUNa2r8faoCh7ommmxNYUpylYxMRPHN5WHTTu/mRTEABfYOjpm7DHd1+9Vtvp3wq3UGH4tyolJ5RPZCoemaSoOhElIK2T5bzcCyyuQr952VOuj5RPBzH2eTss4kpOIG/AW5KbgscHPDJzk3H/Jjcw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:20 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dEFE1023F81E857C8E809752D1915BB32~YAAQXXYGFxo744SEAQAAXSy1vBF9VDHDs58pvX4pvTVgZFxrC6xqiDXQ1IZLLmhb87BE00RBO+EdLxBVY3SU7Y3AWwuk4HWa63AJN08z56ZBZrkP4yCBM6FvYo7S0NfhgOZwlopzahjFkk75XReD8s/Z5jgrI0zfkE66jdZbU8NGDLlM4aNnhtTH2WtFf/AJsD9Ybt67VrLUnhGQaheWGu4LC8275htPdSiLgy8VulknQeHzC3e9BsV7p5bE2KtlE4pSz/K3azhVhpPYpgcGsx6DOwu4PF+EZBygZ1D0M5GHWhLY0b5Vh6vUPPJF~4601399~4534583; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:20 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d92",
    "origin; dur\u003d142"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["bc461ba4-7259-47fe-a448-308743221fd4"],"auth_time":1669613033,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669613293,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:28:20 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK6eea5a58-fac7-42f9-95f7-cd4613d4f5de",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638446f4374272a1",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:28:20 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:hPp84Ym4Iy9mAZ3vTFfiinpBZixDkQQtZVRw33TI4AU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1EA9F6C0AF7F75DDE18B919E8B944612~-1~YAAQXXYGFxk744SEAQAAXSy1vAiIMJDymmkcpb80fr/EnSM0LPasyUkQN2l7xwtBWCPI3qyiPDYw2hzDVSl9ojYFXbQgbYY8eNwvTuxyoBQil+Pgu/gvk/ZAPfr/n0KSNXCSGZwZSOukl8u0V9f2be+NTvYZLVR72T/7opm1QXdE8Xvl1zxBfXAy6jFW/Xl30U1F4+JXmU26iyarvhDJVcYSYxnXh9Ee8SONzDN4YPge56TKCkTUNa2r8faoCh7ommmxNYUpylYxMRPHN5WHTTu/mRTEABfYOjpm7DHd1+9Vtvp3wq3UGH4tyolJ5RPZCoemaSoOhElIK2T5bzcCyyuQr952VOuj5RPBzH2eTss4kpOIG/AW5KbgscHPDJzk3H/Jjcw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:20 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dEFE1023F81E857C8E809752D1915BB32~YAAQXXYGFxo744SEAQAAXSy1vBF9VDHDs58pvX4pvTVgZFxrC6xqiDXQ1IZLLmhb87BE00RBO+EdLxBVY3SU7Y3AWwuk4HWa63AJN08z56ZBZrkP4yCBM6FvYo7S0NfhgOZwlopzahjFkk75XReD8s/Z5jgrI0zfkE66jdZbU8NGDLlM4aNnhtTH2WtFf/AJsD9Ybt67VrLUnhGQaheWGu4LC8275htPdSiLgy8VulknQeHzC3e9BsV7p5bE2KtlE4pSz/K3azhVhpPYpgcGsx6DOwu4PF+EZBygZ1D0M5GHWhLY0b5Vh6vUPPJF~4601399~4534583; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:20 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d92",
    "origin; dur\u003d142"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["bc461ba4-7259-47fe-a448-308743221fd4"],"auth_time":1669613033,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669613293,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:28:20 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-11-28 05:28:20 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4
2022-11-28 05:28:20 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4
scope
openid
2022-11-28 05:28:20 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
88c15784-3dfd-4df3-b296-01cddb07b9be
sub
88c15784-3dfd-4df3-b296-01cddb07b9be
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
KDhaeD6puvXyPoRoUes1
iat
1669613300
exp
1669613360
2022-11-28 05:28:20 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzYwLCJpYXQiOjE2Njk2MTMzMDAsImp0aSI6IktEaGFlRDZwdXZYeVBvUm9VZXMxIn0.nd9K867T23UKe-Q5idRqh9Kgjt9GxIMQYQcPsUb9xP-nXAJXJcxUXm2QxaEUZaX0smcIZKClSGds3nwteXXg4NEEznqdUpEuUv9diVaMgD2jY2WgjavGr-SLA4Q5xs0lYVqDKUrE_v5IxstcRPwfBAzC8DP26KJsVWPdVogy4Es6-nZPsJAmC_yMDIBsjxO1WSfvOwGKpPINF55fNpcS29ISugMTvWnOhbQWQRSxYrSHyhKSmfg6HB4EXXe-ut9teeSP8ca2_A-rKkMFmhw1tvFFlB063suv2zmr-U8kyvRa1qi970qMad-XCNlnkdVGw3xxUT8nA3MpDEJUMBlogw
2022-11-28 05:28:20
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzYwLCJpYXQiOjE2Njk2MTMzMDAsImp0aSI6IktEaGFlRDZwdXZYeVBvUm9VZXMxIn0.nd9K867T23UKe-Q5idRqh9Kgjt9GxIMQYQcPsUb9xP-nXAJXJcxUXm2QxaEUZaX0smcIZKClSGds3nwteXXg4NEEznqdUpEuUv9diVaMgD2jY2WgjavGr-SLA4Q5xs0lYVqDKUrE_v5IxstcRPwfBAzC8DP26KJsVWPdVogy4Es6-nZPsJAmC_yMDIBsjxO1WSfvOwGKpPINF55fNpcS29ISugMTvWnOhbQWQRSxYrSHyhKSmfg6HB4EXXe-ut9teeSP8ca2_A-rKkMFmhw1tvFFlB063suv2zmr-U8kyvRa1qi970qMad-XCNlnkdVGw3xxUT8nA3MpDEJUMBlogw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:28:20
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=BjfRvUxiaicXXzQv7dR-msIai8W7NkKJ9FjY0wIllJ4.W7xv2OZgMmZ0pqe1FCGneD5Na5skQR9jhwd-D0hcMLHZFlAAZ0vQuSLu9lK7KcdW0ovlLonWw9LiQmR5Zifyrg.M18xNjY5NjEzMzAwXzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4OGMxNTc4NC0zZGZkLTRkZjMtYjI5Ni0wMWNkZGIwN2I5YmUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiODhjMTU3ODQtM2RmZC00ZGYzLWIyOTYtMDFjZGRiMDdiOWJlIiwiZXhwIjoxNjY5NjEzMzYwLCJpYXQiOjE2Njk2MTMzMDAsImp0aSI6IktEaGFlRDZwdXZYeVBvUm9VZXMxIn0.nd9K867T23UKe-Q5idRqh9Kgjt9GxIMQYQcPsUb9xP-nXAJXJcxUXm2QxaEUZaX0smcIZKClSGds3nwteXXg4NEEznqdUpEuUv9diVaMgD2jY2WgjavGr-SLA4Q5xs0lYVqDKUrE_v5IxstcRPwfBAzC8DP26KJsVWPdVogy4Es6-nZPsJAmC_yMDIBsjxO1WSfvOwGKpPINF55fNpcS29ISugMTvWnOhbQWQRSxYrSHyhKSmfg6HB4EXXe-ut9teeSP8ca2_A-rKkMFmhw1tvFFlB063suv2zmr-U8kyvRa1qi970qMad-XCNlnkdVGw3xxUT8nA3MpDEJUMBlogw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:28:21 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "x-backside-transport": "FAIL FAIL",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb69a33e6-4871-463e-b297-2d5e4e206b16",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446f421a55345",
  "content-length": "157",
  "date": "Mon, 28 Nov 2022 05:28:21 GMT",
  "connection": "close",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:q3gnJiQK1k71JNPEgmNGmkSpJcBHLxw4P8XMod5YUJ4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4FFDE9CBF44EAD0C31793B1CC9A8FD8C~-1~YAAQXXYGFyE744SEAQAAPy61vAgwmA3z1rMUKmuImibtH6TPSwQiuB2MWz10joHMtWEPwxtaa3+ABR/JBl+/WLpdhEN7p/N/rV/5vwlGgs2osEdQXI24zB3Njh6mtm+85I5QIsGtDsxE+AGJHNoQFmFIZ5mJLkIaW3i0Qm4PYd2r6tb/axnCKZIf66H/1Cc0dzhbX7bTZCNXKb0hoH6KI+n3r1TU+vi6zBId2kA1+7fjtADhiMc7xe9ZLK5xaH9DZ54zm3faLGYMuWiRXBRgwZUdGLHb+HXCwCQQuiBQzUhR9xwxWCUj6fqXimpIQTfXft8DrpdMWqwhxyP7iiiO9rKwsBC4yku+ZKKcinS+Y/AsWpLL2BEJ8cFD/+3u+bj3kUX6few\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:21 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d07CFA08DFF4C35FD824E765D44AB0C06~YAAQXXYGFyI744SEAQAAPy61vBFf/7jZft1Va81OM8L8XLv1k4+84pf7X5pes+tpiusYvs/6yz18HvoPADBdsdL36J+yX3cL1fg5LQXm7k/al30yBdp4FNXmyJEraRutzQiOyXdN4WZ4W6jsO8VQrgukSktPww3zjdn7e9xs8wIY4SRXyIaa1yzIXeNvpsRFqscqCnmfSSKeB8JFTZulh5pSiDyV5I76b6yb1V5m7yyLVvLoOZgkXG8YOS3Yu484JHnKoECU0FMr5UeN0zam62KV7FhJ5hua6AQXaUSrYb8KzsYe6Hy6jyfZbZdR~4601399~4534583; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:20 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d102",
    "origin; dur\u003d304"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."}
2022-11-28 05:28:21 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance.
2022-11-28 05:28:21 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-11-28 05:28:21 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-11-28 05:28:21 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 05:28:21 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-11-28 05:28:21 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-28 05:28:21
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/88c15784-3dfd-4df3-b296-01cddb07b9be
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer uilg3jW4piU1dJGvMBMIctrTl3zDHBG1ra7bA9SlVB8.BvDdJqmcY8QBHiAJHLaq1vRdvEXmvU8xcJizekTCs_taxKOPC908nkVO5heC4b9WmhCbWSsDU-Iy5iwKUhEwXw.M18xNjY5NjEzMjgwXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:28:22 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK16bbb9da-eda2-4156-9ec4-e90c229093be",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446f521a55465",
  "date": "Mon, 28 Nov 2022 05:28:22 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:CeLIR5jU8Gikw39no19WnWiz3ATqzX4sIThPypz2d6c\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d317E9B95E2E715BB4F148D3C1113D9FB~-1~YAAQXXYGF08744SEAQAAKTS1vAiwCkLfxb3lvnz60hvo6OOrzAarsi3HDOndFA76stupTwhRBOXRGLH049O0K2ZWIYMREPDaPRvooPM+eVr75Od7ska3ZuPjXETIDF61kaNM08qZA19sFH9qWEIz5PCQp4XBqu3jFUuLROqAhCWgkW1k8S1tD7Qb9UpGxqRsTqSEuHU9bkmTYtQ7//vzTn5NXv3a8V3gpViN2QAAIilTzKBDrmbia68dvY1FZyohhHChcLoaJZ4U8nauEfk59BxXJz3QaNtfY4Aa34gLqDr17LGTRxSgK5Phfa0evIXy3OPpsAruXO/8xePfnmZVubwi8RZps4AIJP+L9aMJ4lXyImxkFgzwihXresSbNp5hvR4utDk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:22 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d55791A9CCB6FFBE6CE00918805D42286~YAAQXXYGF1A744SEAQAAKTS1vBGzL9uKJR/vZ36upry9eEt09Z6KiKD+Ygmjo4sNcpLqCRD9uz2Y1owFqnaemczAVHcVf9WbP71wmd5oddlyg0OmsDyLVxsGZdQZF1pv/OEY4ixtzbgu/1ckUTMhmuSPaI5JsXYnKdCar7wpZUHaWTG8Q4kjUIPtwd4QhDduVpd6q9dnewOGrQYnr8tzrX2HIXXBYJLE6ZVI9LBofP1egOy3jw4/knYjQQBUAPukge3Cb1/tRLp1MCsQm/SjtuJR8brFUgtLkrcW5KEKIgBQttshFXAIuLbfh7Tr~3228984~3486512; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:21 GMT; Max-Age\u003d14399; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 05:28:22 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-11-28 05:28:22
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/bc461ba4-7259-47fe-a448-308743221fd4
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer OMdfpo1tGGzNyMb7-tCJmh1M9IaWR22R9qR-0e1SkcI.i-_nKnGGQfNNGKrkZ9ZSmpPG-656qwjJ51cx6G3rRCXoolaD-z5gURMOeCASDmNuhu9AGKdN9CzKMTdhGxLHyA.M18xNjY5NjEzMjgyXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:28:23 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKd65f8bbf-7966-4bcc-aa76-5c8013d9f6c4",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638446f737427961",
  "date": "Mon, 28 Nov 2022 05:28:23 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:dxxJTCpOn0RTXL45ZUuXrOhPdDtJt5lpzpcwNJPY/lo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dF72E968F787AE631EB4AE7E20071D313~-1~YAAQXXYGF2U744SEAQAAxze1vAgwHbeod5Hl55jf5EVAMLTeaBSWoisZY1BYw7wom08sbi0QO6ZXTVMgP4HaJns3jS6qhWBvqzUVbsSIWP3GEwYRBBff5VnwgBMWMmPVc5+cFYCbzpdevcHA5IjvAJ2+vA063la/nMnbVRs4n7oDZO2DeFGVp+cuJMSlKrFz0QXLGdxk4LePyLmkSfPye1Ymz0nIsCDq/h+dR7On9Z78HL4V2tkZ0C/BM1B4kkXIEe3LHQBm5SofyoP3f4j/gnxPlhli32/sBEVpuJFTU8uuWz6KzWc/AXaDudz1rADhpC+0TmgVOICbkUn+3AO+SUJab9Asjdbp8dyadN4owK1a7tzqBbkmawvYOvmheNuZJvEiMb4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:28:23 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dAF18D43AE2ADD78A781410A309834640~YAAQXXYGF2Y744SEAQAAxze1vBFt4QpzsPE3Mcp1LJ19f8NsGZuEw1cv22CfyworvkWpb/rn9V2HHTKCrsH1sMYYPXP0yIkssG1k5UZ+hZAV0iislDpNuqU4DFmt39eiI6cMPkm12GO2D9HiZuYymeHsgod2KhKfAFLNqfXBjWXXOy8UIGFciM/YS/WEOcGcpVaTiFNL+rfV6l+l9c6aUATSBeJXA5JwaMTVY9+K5eVyfmzhNddNr3boYeBzm+j/OTKFKd7DLXV+iFJbtFuBiNwx59dHGkLg1tZ3RV6d79MDHWlLNFLcXJS7oajR~3687737~3684165; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:28:22 GMT; Max-Age\u003d14399; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 05:28:23 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-28 05:29:26
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
v38kMALfDs1vj9r
Test Results