Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-28 05:44:51 INFO
TEST-RUNNER
Test instance Z4ivoFoGs56mpgu created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code token",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
le2Qz2krbephy
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token
2022-11-28 05:44:51 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:44:51
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:44:51 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa5d13d9a-241d-4cf2-ab4d-7616329cbe02",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844ad307ee51c3",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 05:44:51 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:UNsjJx/XrsTkKMZYqjegRvvNzjbmHxfheWQH6cpiq10\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA17DCBC41E8DEA722B9FB228EED582F8~-1~YAAQXXYGF3iw44SEAQAAqkrEvAjCxnqqPjjg/TC/JT1mfsUhni2TXvi5v5FieBsEc55BAFSSbQe8TY4IZhOAa57DiKxNrSk5nnZlL5OIxBLVPvZj0kgb3wexfQkVk28/zorXxh16iH2AIX3VPzvtaUbq0qPy/aveHGL83Fwe6GPas2nTcxG+wTRUEBs1BQVer02JyP2GJbowaI1gTwq/UVMPgEa0/MTUCfEHFRt24jbaA2gHJViap940flsLpXFbDTjaV0WN1zTjR0KKftIw5PGNviYJBPPxVJi+nuNJTYqU08KzqV/81fLwERCNf8DrzJqQ0+ha7pRp6Ok02pbp1VfdVcwMXUnuuVFBqpHFQSiZnajdi0hfM6edny11lnprO7OXTu0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:44:51 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d37ADD5DD9784285E5FF37D47DB862059~YAAQXXYGF3mw44SEAQAAqkrEvBEw9lsLcJls8W7LMOwVEkqQCslVNlkYll1+hoN6wGR+MQfXZ5mz/8MqyzpOg591sIPfrYdcuNV1o7OG2dQA8hYg5xi+aVZ4LWXPx7MBX3ExcuN4IpYpb8DoZfbbtu/JsnN5oAGRZZntNn4+RwOXkIBQM9AOpS+KtNRN5Th15TDNoxQKsM2Q1Lf6uOLfcgDkk1hy+wMj/qViWH2yCGuri9VMpmcszAxEa9lzpZDo/f5AF+pegWLZrKReleED4tNsuifnwvoaWfEPay3x5DaGuNrT7hDDTWUYmXas~3359029~3224642; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:44:51 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d104",
    "origin; dur\u003d168"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["family_name","job_title","realmName","groupIds","uid","email","name","tenantId","employee_id","mobile_number","department","upn","preferred_username","given_name","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-28 05:44:51 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "family_name",
  "job_title",
  "realmName",
  "groupIds",
  "uid",
  "email",
  "name",
  "tenantId",
  "employee_id",
  "mobile_number",
  "department",
  "upn",
  "preferred_username",
  "given_name",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-28 05:44:51 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-28 05:44:51 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-28 05:44:51
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-28 05:44:51
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:44:52 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK5660c64d-5f83-4b0b-9e8a-da5ec456e9dd",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844ad421ae6ce5",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 05:44:52 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:01hTHjzZfjqYDAXn0G4GtT2siT4DgsJBitKneAYyHS8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d82854DFA88EE671D7DB78E12137DB19A~-1~YAAQJHYGF+hg/ISEAQAA803EvAicSl8/jUKwjFVoTbPZWMo0V9wa8xG/0FQw5JbegHdi0KrmVkSpY3LqHqOh/mWOLpzmMH2BuuSEYer0u3CJ00kUFM6gcBwBqBhVPC2+nVS8s1ZJA5nKJrerGEwrnjSeB8f+nA+P0/V6AdubuWk14NC0uu/UcoPNapyqC9TwFRS4+NVdE/GcgWoPOKCS+95FaskkxiU+QHhB5b3+bqRb5FXtROTFP6GKEbcEUC10BuvmD2TBO7T9RhPHm5QDa9epT2hqkDztjXRerwhzMSzIg6NOVoZhMDWOZ6HZbqgCEQxVwWDtfK26aczMes0bXPVn50lWuPwFfdDBFDS9QEDfftpaBkVxtSscLCrpERmANPyHR5c\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:44:52 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d0C1D92CAA625B0816777EEED6B6140AA~YAAQJHYGF+lg/ISEAQAA803EvBGHwoWLC5lcS9oHfmJa3SzpG4IvJ3r7A+CZFCsgkpRfkFiy3yBxOBj3OJHgYbrUZnkIR6Q85NR3TBXFvRKVA++8RdmPODcacq0vP3rUbcn26Xm0ivwqdaVAkODyme7CklOXKLjedEvr8Z8FU2Xq/X8vUPIIyCpcBrX+oOyjUk2sjlUS7QmDrw2MjoQEZSqMgGd4UydRcY9H3Kh2QLdFnS1qjOvIrsn5fpQ4bXiiYAq+oemGtgFTJSj4E0Gjf61VF8uMgyxqH48yfNzg2+9PsLqha5FYNvgNPmLv~3359029~3224642; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:44:51 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d463",
    "origin; dur\u003d260"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 05:44:52
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 05:44:52 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 05:44:52 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 05:44:52 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-28 05:44:52 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-28 05:44:52 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:44:52 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-28 05:44:52
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 05:44:52
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 05:44:52 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "7euQ7JJHbzJF7eEosTwDdrPP5Yu1FGPfe9DOrYQSp4yBKAkpgCZO-mTfTbxCp4R5Oz3VNTesK2HNQfm45CsWSVtuZbA5yWP98Z--Quy_j_RxNa820JsiC3dTcOzIiEGvZv5BuMhkIfUMlD48jdFoT9_22sQWdr1D3BaEX2M433s",
      "kty": "RSA",
      "q": "x0mIb6vWt0aUy2p-b_StrOLXNPy9XofrtBEcNgjesHgjiVfuP4loUqrWPPXP0wBe5zBdU_S7AwlmMKHLOH1gvlC_2ra4m7cZRtRL__cOj8GEiPe1zZw-E9vVYya2xQ4BwZSxBVk-jwzQUhWMHSNeHl6V1D4OEuD2qrLYaysvYcE",
      "d": "Hh4VzxLJj7f0mLawlxuNXJTW3Lg3X8760u5MAK9e9Y8v9E7fZdNH_pONBWXQ-VgQBAC2SOJVeWMdXdYQzNsN0jQ9tsXOW6MCaJz06pp4EMs0eOnoTvxxmEj3nlel7d9DjcTXdZnT5FRlOQ-GCvU_8RnOODU2GfLPhunn4uISmwNkEYqYx_eylx-xegbf00G9S8_OGPbEgpp8EjMREue4OUWSRT8MBfZpuJkDqUiGHjkWixGNWXSY4STRGOihao9OhygnSpQccdJcyKVV63gr5xwBE1aQwI4Gqu46L8YHoKWB90eJ0TxK--MKXyqgvYE-JTH_qYx-P0ebOgkSmDDFgQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "qrKBTqAG_Nh4ABynp6rzSmbkneNqXGS3aDq6gNuE1trpGbg9uNGsyBZQNhaF5xraDyyW09BGOOhS4vyxf_650nX0AJSdv2PMDqXdsb1pPvgW54T5akZZw9f5msNjk3lPzXZ0IVgHC9OuJMKvnYLE7SbB3SLDTakAOvvOaY1PqVo",
      "dp": "cYUigx5Qo0fTgesa5WYDKRImshn07qOwsH0zACuyUuuBfL7SZGji6ipTOd4H17InvhKEtn230oM50q76fzPn0Fyl0jNBf0wMkMttlrUrud4iXkEZ4HMEzX_D-m-gRxNAQ94xMZ-710_7Doibj_dI1EPCnyNMrJ8lz8-WnYTUUB0",
      "alg": "RS256",
      "dq": "w9nhSxYOy0mDO7IqFi7ZbBn2s-1a0gc0Pl--YOAwsi8vhW-0Bh8tNmkMaRaOqugnXH9siPDvxVk8Y7jt9lNJe1_yXKjMHsRABBrpoeGUHvVpIg6HTk0puOyH9ox6fIh6c1uE6SO-1mkaZkEk1RIIEkKUbuSZgjYyVKm1BQWI6EE",
      "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
    }
  ]
}
2022-11-28 05:44:52 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:44:52
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 05:44:52
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu
2022-11-28 05:44:52
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 05:44:52
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 05:44:52
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
      }
    ]
  }
}
2022-11-28 05:44:52
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 05:44:52
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code token"
  ]
}
2022-11-28 05:44:52
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 05:44:52
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 05:44:52
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-28 05:44:52
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "778"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 05:44:54 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKcd30f87d-f3c3-46d5-ab77-61da42334195",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844ad421ae6f25",
  "content-length": "1446",
  "date": "Mon, 28 Nov 2022 05:44:54 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:tdnqFgv+mHU2xevyAcKr3yO7yCyO+azlB7fn5fbekQ4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5FDEC743994F64F81E775A3AA04D6127~-1~YAAQJHYGF/5g/ISEAQAA6FXEvAiGxiuqThHZjWt7t99HPJmCFDCZwwp8cAzUT3CQhiIzM9EaBhQaAZ4n/QZn8tSe8yF8U9ad68dxd3Fre1U2T7/nQVUMELHHmef9efV9xQzN1cx9s2Nbn6jhUNHZnEp9QDCnDVeXVv/jZ6nDvycErQl3JGpMfMByxLmgkaq8o4mPAHLQM4fi6wfh9KfHd6nL2QWBEsW2zvk1opHO2nbyvNYEa3lCfO4nIfuWLmafUjqcYYjNsw+sHIZ7jWe1a+HQ0c0qcXg9eYgWWx2GKkAPgBo85LhOzaROIWIeXC440Vf7OLUkyD5DiLX0p3WMKBEEoryamXlPHx586QKgRgEdCoh1M+oG8LGvaRYzftwXWeqGjKI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:44:54 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3C3259DFECCBE4AC9C408E1C73F82FA7~YAAQJHYGF/9g/ISEAQAA6FXEvBHEzfmrd8OuADfOxGc/R3N7DGy4ht10es4Zw/rKeEExgjyRinsYvEoCD7JEfp+gXYpoe4rjZgnNqZ8caa9apjl4W4wYOgGvNjBcQLSJC7rO1EDe/4xSElhVHsv0D6oSvJyy4WM8ln2jb6UTyP3cJbNZ2DmYHrf0xkpjNVlj+8MVr11oiUVLFeRAzaUkS0wcvd44/iwg738pzibBjhrNKw++h8VbfL172WXgPXwLJ3crUrTpKtpqVxOK96ZIcACe7hA6vzkxIzm5kOE/deX0gq1ljnMP3MDkJ25P~3551813~3422002; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:44:52 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d100",
    "origin; dur\u003d1763"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1","client_id_issued_at":"2022-11-28T05:44:52Z","client_name":"Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu","client_secret":"QHtLgoXXvg","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"1D6-1T6NMTtsJFvQrZrNTn2NS0D0gCf647EZbDa2kos.u9SI10-j8DNndgMoE4xIq5YK44NbqF9AgV6jSfj9gaGhrY6szgsA6dV2kkk3n72ETl_lzF-_txWSBW07-kqmWQ.M18xNjY5NjE0Mjk0XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1","response_types":["code token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 05:44:54
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKcd30f87d-f3c3-46d5-ab77-61da42334195",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844ad421ae6f25",
  "content-length": "1446",
  "date": "Mon, 28 Nov 2022 05:44:54 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:tdnqFgv+mHU2xevyAcKr3yO7yCyO+azlB7fn5fbekQ4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5FDEC743994F64F81E775A3AA04D6127~-1~YAAQJHYGF/5g/ISEAQAA6FXEvAiGxiuqThHZjWt7t99HPJmCFDCZwwp8cAzUT3CQhiIzM9EaBhQaAZ4n/QZn8tSe8yF8U9ad68dxd3Fre1U2T7/nQVUMELHHmef9efV9xQzN1cx9s2Nbn6jhUNHZnEp9QDCnDVeXVv/jZ6nDvycErQl3JGpMfMByxLmgkaq8o4mPAHLQM4fi6wfh9KfHd6nL2QWBEsW2zvk1opHO2nbyvNYEa3lCfO4nIfuWLmafUjqcYYjNsw+sHIZ7jWe1a+HQ0c0qcXg9eYgWWx2GKkAPgBo85LhOzaROIWIeXC440Vf7OLUkyD5DiLX0p3WMKBEEoryamXlPHx586QKgRgEdCoh1M+oG8LGvaRYzftwXWeqGjKI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:44:54 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3C3259DFECCBE4AC9C408E1C73F82FA7~YAAQJHYGF/9g/ISEAQAA6FXEvBHEzfmrd8OuADfOxGc/R3N7DGy4ht10es4Zw/rKeEExgjyRinsYvEoCD7JEfp+gXYpoe4rjZgnNqZ8caa9apjl4W4wYOgGvNjBcQLSJC7rO1EDe/4xSElhVHsv0D6oSvJyy4WM8ln2jb6UTyP3cJbNZ2DmYHrf0xkpjNVlj+8MVr11oiUVLFeRAzaUkS0wcvd44/iwg738pzibBjhrNKw++h8VbfL172WXgPXwLJ3crUrTpKtpqVxOK96ZIcACe7hA6vzkxIzm5kOE/deX0gq1ljnMP3MDkJ25P~3551813~3422002; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:44:52 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d100",
    "origin; dur\u003d1763"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1","client_id_issued_at":"2022-11-28T05:44:52Z","client_name":"Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu","client_secret":"QHtLgoXXvg","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"1D6-1T6NMTtsJFvQrZrNTn2NS0D0gCf647EZbDa2kos.u9SI10-j8DNndgMoE4xIq5YK44NbqF9AgV6jSfj9gaGhrY6szgsA6dV2kkk3n72ETl_lzF-_txWSBW07-kqmWQ.M18xNjY5NjE0Mjk0XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1","response_types":["code token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "client_id_issued_at": "2022-11-28T05:44:52Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One Z4ivoFoGs56mpgu",
  "client_secret": "QHtLgoXXvg",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "uTZ0oScAqSZSgb-a3Q0_TPJReKOjd_9LZvXQLBbDm4ti-0meoexMPd6BBQppDRGXsvSlBRVdLHp7KI8jEeSJDOaz_tXec8UNOhfqFOJZZC1iLgjq27ifCqe3uda8tBiJVU-QyjK4x3vSTCq8ugHxf9BTEU5XqMZb8t7YW-gDlNJKc_riavQymUpkNCTbJVfdBpi8h79IK9XqvYD7w4oNpYMfnFyynmgkRczAxpdaRo-PIfqG8Iod9SaT60krmqt4uuwhYjNBGHe7AwVBG4mx3bCRBNc9ptTHBQ_rsIhkUP4RH6fkqCj6eFzk18iRyNbBzXVhC_7RiKdPKuXmCyMWuw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "1D6-1T6NMTtsJFvQrZrNTn2NS0D0gCf647EZbDa2kos.u9SI10-j8DNndgMoE4xIq5YK44NbqF9AgV6jSfj9gaGhrY6szgsA6dV2kkk3n72ETl_lzF-_txWSBW07-kqmWQ.M18xNjY5NjE0Mjk0XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "response_types": [
    "code token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 05:44:54 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 05:44:54 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 05:44:54 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 05:44:54 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
2022-11-28 05:44:54 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
registration_access_token
1D6-1T6NMTtsJFvQrZrNTn2NS0D0gCf647EZbDa2kos.u9SI10-j8DNndgMoE4xIq5YK44NbqF9AgV6jSfj9gaGhrY6szgsA6dV2kkk3n72ETl_lzF-_txWSBW07-kqmWQ.M18xNjY5NjE0Mjk0XzE4
2022-11-28 05:44:54
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 05:44:54
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 05:44:54 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 05:44:54
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 05:44:54
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 05:44:54 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "5GkZqTKj4ROw4OnxGcIfT6xT3RHa4IcX-h-3tkmdAL9thpUzv03Bb30pGYev4opcQg11grQCIOD67A63JQnScd6UbV6OhINp8iwz-sL5vi7GbaX49kj4AT0PqNhYAE5b4PuDfiD63Un4FenjVFIJZEdMRNdkIzhMrLVXAX2Wirc",
      "kty": "RSA",
      "q": "nmx0WtYIOrGoE-9d-GxoRowmubRVnBduE6yh-5iMQaVd9A2tr_itSIx0tP4ZNFstMfiyIWimLXwGkSp4Tynx2WwBqVxWf6CU93r7K0fcWkw00N-KzHHsjy7rDClLiiDJNHiKXmAvNL6KozA5qDQX0clinfD_5r4l78PQix8AQeM",
      "d": "dU7sKAZ4bpRjaZkB00NfBtsaOzKK_myY9qNdD6uw4e9S0XH4v6HJaokpA1BzSuiqemEIW1H5akKhxZIxUVb_vB7cvbr5-gXlASWXCdIxPFxBzFrz2yJD8O0ATx0LbCczHHz67wdyI-9098y-z38LMuKejvWsphpwsOVO-AxLc_axQCrbxq_Sk05DyVuAPK52mK6ne6M0CPCWl29W7YTA28XgWe5CiSERQoZdrS7DWC5PJfV4XMOHyLMsYXWmULL7AZU3QRM3psZuq4GwvR8KVu3dVoHDszzFtdnbObbVs9UnSxBANi47qAEoYdqhbNpgQK-pEnFWvBxqyNLtBDAbSQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "oraEwhzlb5bJgP5eivxwAiIK4ryGgHcRFTk7pa5e8QXvMUafkhsMhYJifrqP2pnyUZso7qZCnQAoOmYx-uDashGvE4ZkdAku2Aua6UOSttNKo6lINRMxIb96mWOueJoHx2B8Cr1Rh292vLSQaiKRnnRmrz7KOqRoZEaGng36Hb0",
      "dp": "Mx4eYxJ1QKsSe9N_ZN9f-Im9nw0e6f7x68VrbP1eiMtOrL75fMffEZ92MkN-pnmGmjW-5ch5bXhMT8YfUMe49Ej2-N8fkCKE9HDWFTnLgLehKurpI91Cu6w5s_TvBOqEf35qeDDTU_D495aHjNhrR6j5NbLqs0MnTcOrvCaqKVM",
      "alg": "RS256",
      "dq": "BeN6H7Y88BGSccs_7u_4oEatWdG-LOMiEFEmZDezXu1KpLutbRENP9kYrXGUdkG9WFIqLNu68Y3eoJ63ghnJB4_gL-9it7O8VcaYd29gXWrfu7PTcO37IQdZbUZLrIKzd-PTINbqakd6173_JqVpDT8zDzPaDzWaK2NX6RPp6ok",
      "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
    }
  ]
}
2022-11-28 05:44:54 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:44:54
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 05:44:54
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu
2022-11-28 05:44:54
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 05:44:54
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 05:44:54
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
      }
    ]
  }
}
2022-11-28 05:44:54
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 05:44:54
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code token"
  ]
}
2022-11-28 05:44:54
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 05:44:54
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 05:44:54
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-28 05:44:54
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "778"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 05:44:56 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK77b26e1e-d53c-4e85-b863-9e11abade1bb",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844ad60830ae7d",
  "content-length": "1446",
  "date": "Mon, 28 Nov 2022 05:44:56 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:/dtws5Z9WUyuu9WSkmsUhz87qUB4uBoI3VIzRQKDfkU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dF659EB830391ED561A57B1B8DE95D951~-1~YAAQJHYGFw5h/ISEAQAAJV/EvAiZ5CbQVeILErm+cyeZYQWj9hSnQTWj7Vtb/Xa12Vto7N0r+eUmKy1+OzbHpN2qY5L8t2kdM4K7/9Z3Mx2/iUHo/P+sL+MKnHU8e+88FOheiUzTUtCb6qRBbBJy7Z7/mtd2Kx358i4laYICjWwdOlPhMEn7qhDWFFz/T9NdCYXtXaVxdhchTbabdl1IPvPE/KxyvTiJLyDgKMMfp5LfFFKL/xpP+z5pAM8/p123qoute4mjXDfayVx3kgA/poREhsXDZAjO6qDyzbl6mMN1ZZv6O5y0VJoRqTUBTWJYN2v0urHrX4IDsvuLDzLgJQMWMEmH4Bg/kOXHmYxnez1fx29QXbUku2Q+1yuutLsSrfhPr1s\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:44:56 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d7F0D12AB305F280F1700CE3C3A0B94C5~YAAQJHYGFw9h/ISEAQAAJV/EvBGjBsKvaNbTDSon2bk4OCe3rPNg99h1S0wi8wrjlDEbN932hkz9OMzd+gePl35HzjfCoe0Gd7l/BYBolMKcp4wNz5VZVUyPLY5UUGMbzdH8eNoRNKr4YwXb7TXgrAySh/bG0oCRmnm+v1x2iRO7DwI4gRwCe/4TtoWuj4vdn+r1UHg5+FFmxsxbt4aJP0kHF83CMAs4eImtO5P/Cr180uEGKB4HjKv7wZg3hOWvd7E/dCm8pmcAl9vEaV34Y4cKyW77WhVyHydZu6MYKZGFmSSXNoClWIGMHm93~3556916~3748166; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:44:54 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d98",
    "origin; dur\u003d2086"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"2c654440-2106-442c-972b-01b364e58331","client_id_issued_at":"2022-11-28T05:44:54Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu","client_secret":"6LR3qBLbWG","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"jT2dbP3JvaW8cBR4Njx1P0Yg119GvlUUTsP9FojcVBY.nyn-QtpdPXOJTmsUi7CevMLmpLs5IdEV0nsfcw5PTBTxgD5VcyTCCpDT2VBa8lNG_poK1c5hZXPeVZDrlUgGEw.M18xNjY5NjE0Mjk2XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2c654440-2106-442c-972b-01b364e58331","response_types":["code token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 05:44:56
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK77b26e1e-d53c-4e85-b863-9e11abade1bb",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844ad60830ae7d",
  "content-length": "1446",
  "date": "Mon, 28 Nov 2022 05:44:56 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:/dtws5Z9WUyuu9WSkmsUhz87qUB4uBoI3VIzRQKDfkU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dF659EB830391ED561A57B1B8DE95D951~-1~YAAQJHYGFw5h/ISEAQAAJV/EvAiZ5CbQVeILErm+cyeZYQWj9hSnQTWj7Vtb/Xa12Vto7N0r+eUmKy1+OzbHpN2qY5L8t2kdM4K7/9Z3Mx2/iUHo/P+sL+MKnHU8e+88FOheiUzTUtCb6qRBbBJy7Z7/mtd2Kx358i4laYICjWwdOlPhMEn7qhDWFFz/T9NdCYXtXaVxdhchTbabdl1IPvPE/KxyvTiJLyDgKMMfp5LfFFKL/xpP+z5pAM8/p123qoute4mjXDfayVx3kgA/poREhsXDZAjO6qDyzbl6mMN1ZZv6O5y0VJoRqTUBTWJYN2v0urHrX4IDsvuLDzLgJQMWMEmH4Bg/kOXHmYxnez1fx29QXbUku2Q+1yuutLsSrfhPr1s\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:44:56 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d7F0D12AB305F280F1700CE3C3A0B94C5~YAAQJHYGFw9h/ISEAQAAJV/EvBGjBsKvaNbTDSon2bk4OCe3rPNg99h1S0wi8wrjlDEbN932hkz9OMzd+gePl35HzjfCoe0Gd7l/BYBolMKcp4wNz5VZVUyPLY5UUGMbzdH8eNoRNKr4YwXb7TXgrAySh/bG0oCRmnm+v1x2iRO7DwI4gRwCe/4TtoWuj4vdn+r1UHg5+FFmxsxbt4aJP0kHF83CMAs4eImtO5P/Cr180uEGKB4HjKv7wZg3hOWvd7E/dCm8pmcAl9vEaV34Y4cKyW77WhVyHydZu6MYKZGFmSSXNoClWIGMHm93~3556916~3748166; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:44:54 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d98",
    "origin; dur\u003d2086"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"2c654440-2106-442c-972b-01b364e58331","client_id_issued_at":"2022-11-28T05:44:54Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu","client_secret":"6LR3qBLbWG","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"jT2dbP3JvaW8cBR4Njx1P0Yg119GvlUUTsP9FojcVBY.nyn-QtpdPXOJTmsUi7CevMLmpLs5IdEV0nsfcw5PTBTxgD5VcyTCCpDT2VBa8lNG_poK1c5hZXPeVZDrlUgGEw.M18xNjY5NjE0Mjk2XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2c654440-2106-442c-972b-01b364e58331","response_types":["code token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "2c654440-2106-442c-972b-01b364e58331",
  "client_id_issued_at": "2022-11-28T05:44:54Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two Z4ivoFoGs56mpgu",
  "client_secret": "6LR3qBLbWG",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "jVmh_ewtZZW7I-VIIwrrx-fUzYmzlfbnV6tfCyPDtG3vMOz3gdVcnvMXi55RqyCzGL7rJpjNpfg0rcqyED_KeIFFKeq-MejlC25Hq-ypBZupjKG5jyk3o61Hry6ePxoBitcO2FomLaAUqyU5TRO3EsUH_96K54yCcveOMn2S3HYTHm8-JpFS2Ft3L7PcAgkMFT2Zhjfw1FpasBJofY7B5ulgfBJXCFIE2_MmgidqRsIECG-SMvxaNOFuj2Twub7of9bnlrFIdE18CsMGvwwWwfD5sRq3aQtyQ45ExtVALJraF8WBfMxvAu6o9m5yidtGLTl19pgZ4Nlh78NevrV3RQ",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "jT2dbP3JvaW8cBR4Njx1P0Yg119GvlUUTsP9FojcVBY.nyn-QtpdPXOJTmsUi7CevMLmpLs5IdEV0nsfcw5PTBTxgD5VcyTCCpDT2VBa8lNG_poK1c5hZXPeVZDrlUgGEw.M18xNjY5NjE0Mjk2XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2c654440-2106-442c-972b-01b364e58331",
  "response_types": [
    "code token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 05:44:56 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 05:44:56 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 05:44:56 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 05:44:56 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
2c654440-2106-442c-972b-01b364e58331
2022-11-28 05:44:56 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2c654440-2106-442c-972b-01b364e58331
registration_access_token
jT2dbP3JvaW8cBR4Njx1P0Yg119GvlUUTsP9FojcVBY.nyn-QtpdPXOJTmsUi7CevMLmpLs5IdEV0nsfcw5PTBTxgD5VcyTCCpDT2VBa8lNG_poK1c5hZXPeVZDrlUgGEw.M18xNjY5NjE0Mjk2XzE4
2022-11-28 05:44:56
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 05:44:56
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 05:44:56 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 05:44:56 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-28 05:44:56
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-11-28 05:44:56 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 05:44:56
CreateRandomStateValue
Created state value
requested_state_length
10
state
KNbAWDeWeE
2022-11-28 05:44:56 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
KNbAWDeWeE
2022-11-28 05:44:56
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
KdGubpuGI6
2022-11-28 05:44:56 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
KNbAWDeWeE
nonce
KdGubpuGI6
2022-11-28 05:44:56 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
KNbAWDeWeE
nonce
KdGubpuGI6
response_type
code token
2022-11-28 05:44:56 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 05:44:56 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "KNbAWDeWeE",
  "nonce": "KdGubpuGI6",
  "response_type": "code token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=KNbAWDeWeE&nonce=KdGubpuGI6&response_type=code%20token
2022-11-28 05:44:56 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=KNbAWDeWeE&nonce=KdGubpuGI6&response_type=code%20token
2022-11-28 05:45:08 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:45:08 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/VZu7CfUNJXGCJOziftMY",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/VZu7CfUNJXGCJOziftMY"
}
2022-11-28 05:45:08 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance Z4ivoFoGs56mpgu
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/VZu7CfUNJXGCJOziftMY, returnUrl=/log-detail.html?log=Z4ivoFoGs56mpgu}]
outgoing_path
callback
2022-11-28 05:45:22 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/VZu7CfUNJXGCJOziftMY
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "441"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/VZu7CfUNJXGCJOziftMY
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=fztyEjD6EWnfRvWkcCdrpnpKHbuR4uqSCXx__mv31As.-sFpRoVS_80djtg58kz_8lXBv7MTxw27EYzlCKqU7pW7Y9wem3ZSICJComu_L1bZKrwKaauAfLpQUX-OeyqchQ.M18xNjY5NjE0MzA3XzE4&code=f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw&expires_in=7200&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid&state=KNbAWDeWeE&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:45:22 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance Z4ivoFoGs56mpgu
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/VZu7CfUNJXGCJOziftMY
2022-11-28 05:45:22
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "fztyEjD6EWnfRvWkcCdrpnpKHbuR4uqSCXx__mv31As.-sFpRoVS_80djtg58kz_8lXBv7MTxw27EYzlCKqU7pW7Y9wem3ZSICJComu_L1bZKrwKaauAfLpQUX-OeyqchQ.M18xNjY5NjE0MzA3XzE4"
  },
  {
    "name": "code",
    "value": "f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw"
  },
  {
    "name": "expires_in",
    "value": "7200"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid"
  },
  {
    "name": "state",
    "value": "KNbAWDeWeE"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-28 05:45:22 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
fztyEjD6EWnfRvWkcCdrpnpKHbuR4uqSCXx__mv31As.-sFpRoVS_80djtg58kz_8lXBv7MTxw27EYzlCKqU7pW7Y9wem3ZSICJComu_L1bZKrwKaauAfLpQUX-OeyqchQ.M18xNjY5NjE0MzA3XzE4
code
f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw
expires_in
7200
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid
state
KNbAWDeWeE
token_type
bearer
2022-11-28 05:45:22 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "fztyEjD6EWnfRvWkcCdrpnpKHbuR4uqSCXx__mv31As.-sFpRoVS_80djtg58kz_8lXBv7MTxw27EYzlCKqU7pW7Y9wem3ZSICJComu_L1bZKrwKaauAfLpQUX-OeyqchQ.M18xNjY5NjE0MzA3XzE4",
  "code": "f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw",
  "expires_in": "7200",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid",
  "state": "KNbAWDeWeE",
  "token_type": "bearer"
}
post_body
Verify authorization endpoint response
2022-11-28 05:45:22 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 05:45:22 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 05:45:22 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 05:45:22 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 05:45:22 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 05:45:22 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
KNbAWDeWeE
2022-11-28 05:45:22 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw
2022-11-28 05:45:22 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
fztyEjD6EWnfRvWkcCdrpnpKHbuR4uqSCXx__mv31As.-sFpRoVS_80djtg58kz_8lXBv7MTxw27EYzlCKqU7pW7Y9wem3ZSICJComu_L1bZKrwKaauAfLpQUX-OeyqchQ.M18xNjY5NjE0MzA3XzE4
type
bearer
Userinfo endpoint tests
2022-11-28 05:45:22
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer fztyEjD6EWnfRvWkcCdrpnpKHbuR4uqSCXx__mv31As.-sFpRoVS_80djtg58kz_8lXBv7MTxw27EYzlCKqU7pW7Y9wem3ZSICJComu_L1bZKrwKaauAfLpQUX-OeyqchQ.M18xNjY5NjE0MzA3XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:45:22 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK78eb3255-315c-4e94-89c3-de2eeaa78be1",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844af221aea8c5",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:22 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:j2iwXB9Bk3Jhqz++WGRS5ljgN1zh2ZAMuYG0Pcl9PlI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB5FEA4C5E4FDECD79C5F068EAF221B69~-1~YAAQBmrcFzeICImEAQAAJMXEvAj57cLj9FUNVYTfgEbaSKEPMJsNqZfw3tleiO1SVB7qur8XR1Uxo5NAVrAqBHEQ9JhXHdw/iTIhsziXhpxgFjREPIpcxSe5wHqYKzUOJ8Se9LzswehT8b+sxi0Xr/0UGILk96zcDe/DbfBqeQCX8x6zK2OYJOb/dT6IDB6SBva/qY+HS5NmrgPiyUg29UNRe90Wmqnb6jPgMsp03bvvVzjSqGk1bNwL00hWJK7T9YQjZhu1rHMbUeLkFmew7+P4k1Vb0M128qhYBFV7WSWteMpwSEvCtcslpR10e+eWmnZ2oppJU+JY5AdvcTwQy/Oc5Z41gpOGdVLCZHcNUzFMsa0GMNXmha6K9V2T6T0plDeeOBM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:22 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d48D2535D81481E331ED1DBA30D55B1F8~YAAQBmrcFziICImEAQAAJMXEvBHRc5xQ2QR/j1jho+0mWQ5RukPN4rrkLpuqm5JCtekK5degOgcZKsKIOaxM5wooEWz0knunJSb60vIvl9mY2srbNEy1gFIp10VxSFY8X1HgCCHcOhRaFK8lxuQmOHPaD8R+Q6Rj4uy8FcDmvi0llSV20CKCRGTAW0e+tTBijLvtH77Xe5zOoDPLARXGaEIvblq9kuPVgosV6z/6U7HkVyYENi1q1s61BRVbgJiAGCnNbKVMkt7uDKB26NR546cHRPHfZjvKh2ZisMQudNvSRMEADvWxUZ2WI8q1~4602162~3227973; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:22 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d78",
    "origin; dur\u003d215"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614304,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:22 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK78eb3255-315c-4e94-89c3-de2eeaa78be1",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844af221aea8c5",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:22 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:j2iwXB9Bk3Jhqz++WGRS5ljgN1zh2ZAMuYG0Pcl9PlI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB5FEA4C5E4FDECD79C5F068EAF221B69~-1~YAAQBmrcFzeICImEAQAAJMXEvAj57cLj9FUNVYTfgEbaSKEPMJsNqZfw3tleiO1SVB7qur8XR1Uxo5NAVrAqBHEQ9JhXHdw/iTIhsziXhpxgFjREPIpcxSe5wHqYKzUOJ8Se9LzswehT8b+sxi0Xr/0UGILk96zcDe/DbfBqeQCX8x6zK2OYJOb/dT6IDB6SBva/qY+HS5NmrgPiyUg29UNRe90Wmqnb6jPgMsp03bvvVzjSqGk1bNwL00hWJK7T9YQjZhu1rHMbUeLkFmew7+P4k1Vb0M128qhYBFV7WSWteMpwSEvCtcslpR10e+eWmnZ2oppJU+JY5AdvcTwQy/Oc5Z41gpOGdVLCZHcNUzFMsa0GMNXmha6K9V2T6T0plDeeOBM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:22 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d48D2535D81481E331ED1DBA30D55B1F8~YAAQBmrcFziICImEAQAAJMXEvBHRc5xQ2QR/j1jho+0mWQ5RukPN4rrkLpuqm5JCtekK5degOgcZKsKIOaxM5wooEWz0knunJSb60vIvl9mY2srbNEy1gFIp10VxSFY8X1HgCCHcOhRaFK8lxuQmOHPaD8R+Q6Rj4uy8FcDmvi0llSV20CKCRGTAW0e+tTBijLvtH77Xe5zOoDPLARXGaEIvblq9kuPVgosV6z/6U7HkVyYENi1q1s61BRVbgJiAGCnNbKVMkt7uDKB26NR546cHRPHfZjvKh2ZisMQudNvSRMEADvWxUZ2WI8q1~4602162~3227973; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:22 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d78",
    "origin; dur\u003d215"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614304,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:22 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 05:45:22 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:45:22 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
sub
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
DkOHwUUOwa7jprsSSoNB
iat
1669614322
exp
1669614382
2022-11-28 05:45:22 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzgyLCJpYXQiOjE2Njk2MTQzMjIsImp0aSI6IkRrT0h3VVVPd2E3anByc1NTb05CIn0.b47XomQa4AaZMF0XrdaxRhD_SCLcFIllsyYw66D6azubRl4KRFt6NTF2xB9h8a7Lml3oYV-gXkH5lSKD7bT-ojxnlmjK21tH1taSXB3FmCwSTmd_2BUktBSZsnwJOrAKHqUR8_n4hV4UCtT4DqA_r3G5ZjNWAJP0KnBala1iu1KbdAGH3VsZM3mCJn_cyxRxFfjYdUtFjELy7pw-yuHbxBc0ew9Hve9r-1_jyoiBCNTJ7qxwZww8Cmd3dafV-6ggOhzheedn7A5rMM-VlCilaV211aLqgfua9CAcZCrls7asylNQo1oPS8-ieyaB-I9zF5tFrfx8EI_XOrZfmZcEoQ
2022-11-28 05:45:22
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzgyLCJpYXQiOjE2Njk2MTQzMjIsImp0aSI6IkRrT0h3VVVPd2E3anByc1NTb05CIn0.b47XomQa4AaZMF0XrdaxRhD_SCLcFIllsyYw66D6azubRl4KRFt6NTF2xB9h8a7Lml3oYV-gXkH5lSKD7bT-ojxnlmjK21tH1taSXB3FmCwSTmd_2BUktBSZsnwJOrAKHqUR8_n4hV4UCtT4DqA_r3G5ZjNWAJP0KnBala1iu1KbdAGH3VsZM3mCJn_cyxRxFfjYdUtFjELy7pw-yuHbxBc0ew9Hve9r-1_jyoiBCNTJ7qxwZww8Cmd3dafV-6ggOhzheedn7A5rMM-VlCilaV211aLqgfua9CAcZCrls7asylNQo1oPS8-ieyaB-I9zF5tFrfx8EI_XOrZfmZcEoQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:45:22
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=f8_jUiKrydIDSZ7RcyEZoQxLJOizPQrd0jk56l1GwFM.q_DQLXGKdw5jwJ8OMeTqOAskCAlBKLOf3ggUzxlcTF_KYvFuYFqz0m-nq5HtbXER7YVoKE7dVOpD_jZnKB1Vfw&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzgyLCJpYXQiOjE2Njk2MTQzMjIsImp0aSI6IkRrT0h3VVVPd2E3anByc1NTb05CIn0.b47XomQa4AaZMF0XrdaxRhD_SCLcFIllsyYw66D6azubRl4KRFt6NTF2xB9h8a7Lml3oYV-gXkH5lSKD7bT-ojxnlmjK21tH1taSXB3FmCwSTmd_2BUktBSZsnwJOrAKHqUR8_n4hV4UCtT4DqA_r3G5ZjNWAJP0KnBala1iu1KbdAGH3VsZM3mCJn_cyxRxFfjYdUtFjELy7pw-yuHbxBc0ew9Hve9r-1_jyoiBCNTJ7qxwZww8Cmd3dafV-6ggOhzheedn7A5rMM-VlCilaV211aLqgfua9CAcZCrls7asylNQo1oPS8-ieyaB-I9zF5tFrfx8EI_XOrZfmZcEoQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:45:23 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK773ac7ff-4480-4f34-bf9b-c0f0795e71f9",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844af307ee60c3",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 05:45:23 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:VLNcjXprsUj4LO22H0alvir3ZTMPGAlrOw7m4Zn1nhU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d022EC06719FE452893D0CB5872B3D4C2~-1~YAAQBmrcF0CICImEAQAA88bEvAiJAy176GsLvwApC2Te/h6G3oPbcfuxh9hcojXbCzA+7EDyGb8GkiAs/IdRypSTOOq/IXLHK6F2cv7fXHmjc0JY172JMT1aWoX8yS60kxnIUtVtTwJisULpZtfMkZee7HmMwR99Mx9TD6Np1CHoTetQhWEp3DlFm8pbw/LrgbhDu4jLdbU7cPiX7V0Wfwq0HzPX0JCX0rJk7GT4NPsKWp/2M6x7cr7GeGTXYY2OHpaeGa49dOmAk6KTAuqZqQf04jov8W7wthj0soCiP7SDno7vYTfEr1i9pC6qEXmGADB0t8/BOGLaw2ZxTx2J6HosImacOOEmtsXAy90suGpLqwLXeAlsZ6xDwWEnsSJTw6t30EM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:23 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d4495788360AA907BC10382B0502B108A~YAAQBmrcF0GICImEAQAA9MbEvBESrqo1mgVtvzTvm+8QRu+3WWDGy3VrhFbuRFaBCN0aXiGHS82b32MCY3sAa3tzCu1HuFmMLaHqp7wKr9MboINRHvi/dm/lSUgSDCxADQ0Feb3KEfts1QFSphxAfB4EsGXtvQjM/gV31Cu6l+yNFXPJQqDmHq9YxnFSjHTWiaP6lkl+vu/b4ykj3JVDFp8rp41XejD81iTuoUUhtTW9NO4ZlqcTr+hgrkOR247pgnuC8pdDIx0JFn9nJSb9hTVej1X3xp53g2BJBu6r1o745Nq2OwIJ1kr6oSFh~3683393~3160130; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:23 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d83",
    "origin; dur\u003d277"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"O2XqtZ2bUlMvmoMLVq4SsOxURkwQuR91Y3eupSEr52k.ZlbD8Kcrj9ErnXu8czt8pkFt2sK0uesWEIAJV4XSUKNXgVW0IR-6HCkR9wgbRUK-Ky92VPFXBw4LjwkyJQhJrQ.M18xNjY5NjE0MzIzXzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ6Z1IyRXVpdlBEUWRRODdJQW1sdjVnIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyMywiaWF0IjoxNjY5NjE0MzIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3YWEzNDFhMy0xMjFlLTRmZWUtYTk2Mi1hZGNiYjkzZjJkOTciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiS2RHdWJwdUdJNiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiTEttcmZQeTJjUFBhLTRXaS1IcXYzQSIsInNfaGFzaCI6Ind1aUhMbGhNaUxCZXR2RDJjWGVaWWciLCJzdWIiOiI2MTYwMDE3TjY3In0.h2X1XVSwWSLG01N-oIlROKHyTL2RpXgkoEXPhpl4RECX04qPWDnoalFh8K7RG1wOIzFxZS_GTR_cPnUobs8zyhOeNu2gy2IJFvA_KcD3WIcn7U_pe7lg7S_HRCXCUWFTk1awWOwqT95AmYWr0Yl5QXTCpudfNK_u9QvOK_v1C_9TfcbLPtHRkpF7TiiOX9LMEzM-4tjJfvYonO7J5zhd-HZQSBy3uIHsW0AIip6RQPWjrd4Z5LjWiVK52JYNnojEGVivuQFkpTPwcm_47ekj7xsPQvifh3aFkj_4VQ-fGTIAzGBqf1fiRJ2n2FOQD3VOKMymhe51QaIEb6XPqRF7oA","refresh_token":"vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:45:23 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
O2XqtZ2bUlMvmoMLVq4SsOxURkwQuR91Y3eupSEr52k.ZlbD8Kcrj9ErnXu8czt8pkFt2sK0uesWEIAJV4XSUKNXgVW0IR-6HCkR9wgbRUK-Ky92VPFXBw4LjwkyJQhJrQ.M18xNjY5NjE0MzIzXzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ6Z1IyRXVpdlBEUWRRODdJQW1sdjVnIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyMywiaWF0IjoxNjY5NjE0MzIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3YWEzNDFhMy0xMjFlLTRmZWUtYTk2Mi1hZGNiYjkzZjJkOTciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiS2RHdWJwdUdJNiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiTEttcmZQeTJjUFBhLTRXaS1IcXYzQSIsInNfaGFzaCI6Ind1aUhMbGhNaUxCZXR2RDJjWGVaWWciLCJzdWIiOiI2MTYwMDE3TjY3In0.h2X1XVSwWSLG01N-oIlROKHyTL2RpXgkoEXPhpl4RECX04qPWDnoalFh8K7RG1wOIzFxZS_GTR_cPnUobs8zyhOeNu2gy2IJFvA_KcD3WIcn7U_pe7lg7S_HRCXCUWFTk1awWOwqT95AmYWr0Yl5QXTCpudfNK_u9QvOK_v1C_9TfcbLPtHRkpF7TiiOX9LMEzM-4tjJfvYonO7J5zhd-HZQSBy3uIHsW0AIip6RQPWjrd4Z5LjWiVK52JYNnojEGVivuQFkpTPwcm_47ekj7xsPQvifh3aFkj_4VQ-fGTIAzGBqf1fiRJ2n2FOQD3VOKMymhe51QaIEb6XPqRF7oA
refresh_token
vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4
scope
openid
token_type
bearer
2022-11-28 05:45:23 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:45:23 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
O2XqtZ2bUlMvmoMLVq4SsOxURkwQuR91Y3eupSEr52k.ZlbD8Kcrj9ErnXu8czt8pkFt2sK0uesWEIAJV4XSUKNXgVW0IR-6HCkR9wgbRUK-Ky92VPFXBw4LjwkyJQhJrQ.M18xNjY5NjE0MzIzXzE4
2022-11-28 05:45:23 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
O2XqtZ2bUlMvmoMLVq4SsOxURkwQuR91Y3eupSEr52k.ZlbD8Kcrj9ErnXu8czt8pkFt2sK0uesWEIAJV4XSUKNXgVW0IR-6HCkR9wgbRUK-Ky92VPFXBw4LjwkyJQhJrQ.M18xNjY5NjE0MzIzXzE4
type
bearer
2022-11-28 05:45:23 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 05:45:23 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 05:45:23 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4
2022-11-28 05:45:23 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ6Z1IyRXVpdlBEUWRRODdJQW1sdjVnIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyMywiaWF0IjoxNjY5NjE0MzIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3YWEzNDFhMy0xMjFlLTRmZWUtYTk2Mi1hZGNiYjkzZjJkOTciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiS2RHdWJwdUdJNiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiTEttcmZQeTJjUFBhLTRXaS1IcXYzQSIsInNfaGFzaCI6Ind1aUhMbGhNaUxCZXR2RDJjWGVaWWciLCJzdWIiOiI2MTYwMDE3TjY3In0.h2X1XVSwWSLG01N-oIlROKHyTL2RpXgkoEXPhpl4RECX04qPWDnoalFh8K7RG1wOIzFxZS_GTR_cPnUobs8zyhOeNu2gy2IJFvA_KcD3WIcn7U_pe7lg7S_HRCXCUWFTk1awWOwqT95AmYWr0Yl5QXTCpudfNK_u9QvOK_v1C_9TfcbLPtHRkpF7TiiOX9LMEzM-4tjJfvYonO7J5zhd-HZQSBy3uIHsW0AIip6RQPWjrd4Z5LjWiVK52JYNnojEGVivuQFkpTPwcm_47ekj7xsPQvifh3aFkj_4VQ-fGTIAzGBqf1fiRJ2n2FOQD3VOKMymhe51QaIEb6XPqRF7oA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "zgR2EuivPDQdQ87IAmlv5g",
  "sub": "6160017N67",
  "rat": 1669614304,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "KdGubpuGI6",
  "rt_hash": "LKmrfPy2cPPa-4Wi-Hqv3A",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "s_hash": "wuiHLlhMiLBetvD2cXeZYg",
  "auth_time": 1669613807,
  "name": "ISV Dev",
  "exp": 1669621523,
  "iat": 1669614323,
  "jti": "7aa341a3-121e-4fee-a962-adcbb93f2d97"
}
2022-11-28 05:45:23 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:45:23
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:45:23
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:45:23
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:45:23
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:45:23
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 05:45:23
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:45:23 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:45:23 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
KdGubpuGI6
2022-11-28 05:45:23 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:45:23 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ6Z1IyRXVpdlBEUWRRODdJQW1sdjVnIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyMywiaWF0IjoxNjY5NjE0MzIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3YWEzNDFhMy0xMjFlLTRmZWUtYTk2Mi1hZGNiYjkzZjJkOTciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiS2RHdWJwdUdJNiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiTEttcmZQeTJjUFBhLTRXaS1IcXYzQSIsInNfaGFzaCI6Ind1aUhMbGhNaUxCZXR2RDJjWGVaWWciLCJzdWIiOiI2MTYwMDE3TjY3In0.h2X1XVSwWSLG01N-oIlROKHyTL2RpXgkoEXPhpl4RECX04qPWDnoalFh8K7RG1wOIzFxZS_GTR_cPnUobs8zyhOeNu2gy2IJFvA_KcD3WIcn7U_pe7lg7S_HRCXCUWFTk1awWOwqT95AmYWr0Yl5QXTCpudfNK_u9QvOK_v1C_9TfcbLPtHRkpF7TiiOX9LMEzM-4tjJfvYonO7J5zhd-HZQSBy3uIHsW0AIip6RQPWjrd4Z5LjWiVK52JYNnojEGVivuQFkpTPwcm_47ekj7xsPQvifh3aFkj_4VQ-fGTIAzGBqf1fiRJ2n2FOQD3VOKMymhe51QaIEb6XPqRF7oA
2022-11-28 05:45:23 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ6Z1IyRXVpdlBEUWRRODdJQW1sdjVnIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyMywiaWF0IjoxNjY5NjE0MzIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3YWEzNDFhMy0xMjFlLTRmZWUtYTk2Mi1hZGNiYjkzZjJkOTciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiS2RHdWJwdUdJNiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiTEttcmZQeTJjUFBhLTRXaS1IcXYzQSIsInNfaGFzaCI6Ind1aUhMbGhNaUxCZXR2RDJjWGVaWWciLCJzdWIiOiI2MTYwMDE3TjY3In0.h2X1XVSwWSLG01N-oIlROKHyTL2RpXgkoEXPhpl4RECX04qPWDnoalFh8K7RG1wOIzFxZS_GTR_cPnUobs8zyhOeNu2gy2IJFvA_KcD3WIcn7U_pe7lg7S_HRCXCUWFTk1awWOwqT95AmYWr0Yl5QXTCpudfNK_u9QvOK_v1C_9TfcbLPtHRkpF7TiiOX9LMEzM-4tjJfvYonO7J5zhd-HZQSBy3uIHsW0AIip6RQPWjrd4Z5LjWiVK52JYNnojEGVivuQFkpTPwcm_47ekj7xsPQvifh3aFkj_4VQ-fGTIAzGBqf1fiRJ2n2FOQD3VOKMymhe51QaIEb6XPqRF7oA
2022-11-28 05:45:23 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:45:23
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:45:23 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:45:23 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4
2022-11-28 05:45:23 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 05:45:23 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-28 05:45:23 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4
2022-11-28 05:45:23 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4
scope
openid
2022-11-28 05:45:23 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
sub
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
AfLduh5wnRDZHmXd4VzX
iat
1669614323
exp
1669614383
2022-11-28 05:45:23 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzgzLCJpYXQiOjE2Njk2MTQzMjMsImp0aSI6IkFmTGR1aDV3blJEWkhtWGQ0VnpYIn0.uKVRHA1zvzw3ubdf-q2pjk7ixqno3TeHxbF9AZxQXGr7uCxUeoseHrUG5Q4aGuea10QqoLunW3H26CmfNDVkF99fZx7z9HmhvnkEFQKq6nJbmNI3GnyMbPLHSi6KusBLXZUZccOWDWBXeMjCe5vTKSoqONOB4lqS9Gv8w4nnlYQ4NSKLaycABnL8BERlQLwXspzkOTSKO_aVBK33wjYI3wrp-fNvJSrh18Jdy0SZ8S8xeNHYJYFrzGwETb2Yjy1_ImPZOQ60NL9W_kU0sHRav0mWmwUvP-l6zUK39XXk91Lc6ut1nUV4Gdp3DHv8AB1nASM8mq3o_8vXbj5DdK-x-w
2022-11-28 05:45:23
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzgzLCJpYXQiOjE2Njk2MTQzMjMsImp0aSI6IkFmTGR1aDV3blJEWkhtWGQ0VnpYIn0.uKVRHA1zvzw3ubdf-q2pjk7ixqno3TeHxbF9AZxQXGr7uCxUeoseHrUG5Q4aGuea10QqoLunW3H26CmfNDVkF99fZx7z9HmhvnkEFQKq6nJbmNI3GnyMbPLHSi6KusBLXZUZccOWDWBXeMjCe5vTKSoqONOB4lqS9Gv8w4nnlYQ4NSKLaycABnL8BERlQLwXspzkOTSKO_aVBK33wjYI3wrp-fNvJSrh18Jdy0SZ8S8xeNHYJYFrzGwETb2Yjy1_ImPZOQ60NL9W_kU0sHRav0mWmwUvP-l6zUK39XXk91Lc6ut1nUV4Gdp3DHv8AB1nASM8mq3o_8vXbj5DdK-x-w
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:45:23 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 05:45:24 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 05:45:24
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=vVmjF0mAzirR2Hy3oRsgfch6cSWzuxHla640N8FIu2c.9BH5kIHbLbZ31QRK2KBY4M0FQVyzf2WMmJg6gqPKoECIFaGpIzfrs_M8tUEVloZ74pi2Ey6uG-Xf6CCuyUYTwQ.M18xNjY5NjE0MzIzXzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzgzLCJpYXQiOjE2Njk2MTQzMjMsImp0aSI6IkFmTGR1aDV3blJEWkhtWGQ0VnpYIn0.uKVRHA1zvzw3ubdf-q2pjk7ixqno3TeHxbF9AZxQXGr7uCxUeoseHrUG5Q4aGuea10QqoLunW3H26CmfNDVkF99fZx7z9HmhvnkEFQKq6nJbmNI3GnyMbPLHSi6KusBLXZUZccOWDWBXeMjCe5vTKSoqONOB4lqS9Gv8w4nnlYQ4NSKLaycABnL8BERlQLwXspzkOTSKO_aVBK33wjYI3wrp-fNvJSrh18Jdy0SZ8S8xeNHYJYFrzGwETb2Yjy1_ImPZOQ60NL9W_kU0sHRav0mWmwUvP-l6zUK39XXk91Lc6ut1nUV4Gdp3DHv8AB1nASM8mq3o_8vXbj5DdK-x-w&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:45:25 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK804737f8-86c2-4432-b055-4bf660c4309e",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844af4374fe981",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 05:45:25 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:dKJitB3Sn+DQCkMUwlNhtrmwmKimy0QDH/ap6v22n/Y\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d7EC129AC9CB3AFDC3AF1DCD9FF6F1D7C~-1~YAAQBmrcF2eICImEAQAA183EvAgb9NE9wXxxSkO51c5sRkUM4YZZHG6bsm9rqZkxp3P3ZUNIHcfHIets+/2hY05+w9xfnRgCibzyyiSKXk85K8H7lum70tUTH2glcPz0nyaJ3eAa/QOi/jqxb/xwXt/vQxFPO3CzCOFKrUgdFkCalKKzdrVVrHco9zql0aZV0+IXp211Dqw1sZNzIPvRTOsZrVMaAzkerOzNy89IO2wpGq3FD7W7Vwy0loKwO6WiPHo7WaQQr32ArF+0CRDN2jnSH/UKf8DuIzJQXBKIwGO/NTzsbIYdXJ/6QtLNN2M6HBYPjAGvO9DHbz4Scv1U5a30rL5po+NlAzyvDHxhu/uroVLxfJ219Auwaw9tXFneqeorRrM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:25 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d28E1A8E3447CD7A3C79464BC65A271E5~YAAQBmrcF2iICImEAQAA183EvBH2om5ggVNywVepuIbpkblNP4Tc9ZvqYP3f+ML8ajAkOB/oUNN7MmqZkL2cNL4P5iXwScM9cYylB9/OVeJXsWftV51+2M4aKE2tBOGsRYd6L0zkWNuZVofQCXxSvK1sR/e+r/nHYB5oLPQW+/pUtm98b3pOqygUwJ/rL1iY3ql3EvHeixgjrU3VODjL8w4XTrFHouDSfC5PZFsPQVZol+sreGmTRcyZmyH8/yFicMvt+m6tmMnSdNPjwsbR6/ANQu/t4mVeG7Et3jJYRE2pf1BXgBsToIckkr+0~3487542~3555909; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:24 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d84",
    "origin; dur\u003d565"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"7EiPHr8LJzbSu_DD4N-McSLBOYF4H7oG8q19MKwOjXE.hvEJhJbu-Qve9-mwmyA-kU6ouHnF9h_RaYKkMgbzB6U1X8ldkybkK46DrLUqejePS59KDafrgCZWR7PGRqnreQ.M18xNjY5NjE0MzI0XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJKYjhKbW5lZERYTm5QZU8za2I5NEVRIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyNSwiaWF0IjoxNjY5NjE0MzI1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3Nzk1MDU1MC1hMTE4LTRkYmEtYTk1Yi03NjJlNTZlOTU0NDAiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoidmp4WlFhVHo0cC1ITXV1NnZUcDEzdyIsInN1YiI6IjYxNjAwMTdONjcifQ.gMR0v-e4Qrr5DRFn-VcBMgsVlGVFCVKxTz60dRKoecVJEDWIFNDuZ55NZXRtc7v7ZqEphfu0k98Nrx_xRjJ7RlXpmEIFBzs-Wf76nec-Uz7zJiK-9bbl_2QmrCdRzYlW6Iclh_4q26IewG8EYHqmTOJ26a0P5Wf26FPqz4SKet3bi9a1PNxxNPm1CU_-69wMicZzlYIg2HbaoTqfOFv4p1E-wG3g0zC-_LejAV_TVCGcjUdPwxKa6qe9PrKjQSxZKqMfne_WF-MoeXKJ1hKVL8HA4R6FnblDQj_GKQE1Z_mHVrWrP8hfzCjsZ-RNrwkJTz2FXYnRy0W31MgudQGeLg","refresh_token":"i2iGW9G73XtWli_T1LOPEkmWHDV-4wSigGTqkqIkNDM.j4nEJKWfntpxK4-FHAKjxsmf2lGjVE8BEjy7i64Tryg1-nvlO4ORsLAWOWdy1oPbvUgVBlx9px6TSWIhzsnThQ.M18xNjY5NjE0MzI0XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:45:25 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
7EiPHr8LJzbSu_DD4N-McSLBOYF4H7oG8q19MKwOjXE.hvEJhJbu-Qve9-mwmyA-kU6ouHnF9h_RaYKkMgbzB6U1X8ldkybkK46DrLUqejePS59KDafrgCZWR7PGRqnreQ.M18xNjY5NjE0MzI0XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJKYjhKbW5lZERYTm5QZU8za2I5NEVRIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyNSwiaWF0IjoxNjY5NjE0MzI1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3Nzk1MDU1MC1hMTE4LTRkYmEtYTk1Yi03NjJlNTZlOTU0NDAiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoidmp4WlFhVHo0cC1ITXV1NnZUcDEzdyIsInN1YiI6IjYxNjAwMTdONjcifQ.gMR0v-e4Qrr5DRFn-VcBMgsVlGVFCVKxTz60dRKoecVJEDWIFNDuZ55NZXRtc7v7ZqEphfu0k98Nrx_xRjJ7RlXpmEIFBzs-Wf76nec-Uz7zJiK-9bbl_2QmrCdRzYlW6Iclh_4q26IewG8EYHqmTOJ26a0P5Wf26FPqz4SKet3bi9a1PNxxNPm1CU_-69wMicZzlYIg2HbaoTqfOFv4p1E-wG3g0zC-_LejAV_TVCGcjUdPwxKa6qe9PrKjQSxZKqMfne_WF-MoeXKJ1hKVL8HA4R6FnblDQj_GKQE1Z_mHVrWrP8hfzCjsZ-RNrwkJTz2FXYnRy0W31MgudQGeLg
refresh_token
i2iGW9G73XtWli_T1LOPEkmWHDV-4wSigGTqkqIkNDM.j4nEJKWfntpxK4-FHAKjxsmf2lGjVE8BEjy7i64Tryg1-nvlO4ORsLAWOWdy1oPbvUgVBlx9px6TSWIhzsnThQ.M18xNjY5NjE0MzI0XzE4
scope
openid
token_type
bearer
2022-11-28 05:45:25 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 05:45:25 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 05:45:25 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 05:45:25 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:45:25 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
7EiPHr8LJzbSu_DD4N-McSLBOYF4H7oG8q19MKwOjXE.hvEJhJbu-Qve9-mwmyA-kU6ouHnF9h_RaYKkMgbzB6U1X8ldkybkK46DrLUqejePS59KDafrgCZWR7PGRqnreQ.M18xNjY5NjE0MzI0XzE4
type
bearer
2022-11-28 05:45:25 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 05:45:25 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
863.7016346545976
expected
96.0
value
7EiPHr8LJzbSu_DD4N-McSLBOYF4H7oG8q19MKwOjXE.hvEJhJbu-Qve9-mwmyA-kU6ouHnF9h_RaYKkMgbzB6U1X8ldkybkK46DrLUqejePS59KDafrgCZWR7PGRqnreQ.M18xNjY5NjE0MzI0XzE4
2022-11-28 05:45:25 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 05:45:25 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 05:45:25 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 05:45:25 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
O2XqtZ2bUlMvmoMLVq4SsOxURkwQuR91Y3eupSEr52k.ZlbD8Kcrj9ErnXu8czt8pkFt2sK0uesWEIAJV4XSUKNXgVW0IR-6HCkR9wgbRUK-Ky92VPFXBw4LjwkyJQhJrQ.M18xNjY5NjE0MzIzXzE4
second_access_token
7EiPHr8LJzbSu_DD4N-McSLBOYF4H7oG8q19MKwOjXE.hvEJhJbu-Qve9-mwmyA-kU6ouHnF9h_RaYKkMgbzB6U1X8ldkybkK46DrLUqejePS59KDafrgCZWR7PGRqnreQ.M18xNjY5NjE0MzI0XzE4
2022-11-28 05:45:25 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJKYjhKbW5lZERYTm5QZU8za2I5NEVRIiwiYXVkIjpbIjE4ZWU0MTQ1LWFjNjktNGI5Mi04OGQwLTVmNGNiMmU5YTliMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUyNSwiaWF0IjoxNjY5NjE0MzI1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI3Nzk1MDU1MC1hMTE4LTRkYmEtYTk1Yi03NjJlNTZlOTU0NDAiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzA0LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoidmp4WlFhVHo0cC1ITXV1NnZUcDEzdyIsInN1YiI6IjYxNjAwMTdONjcifQ.gMR0v-e4Qrr5DRFn-VcBMgsVlGVFCVKxTz60dRKoecVJEDWIFNDuZ55NZXRtc7v7ZqEphfu0k98Nrx_xRjJ7RlXpmEIFBzs-Wf76nec-Uz7zJiK-9bbl_2QmrCdRzYlW6Iclh_4q26IewG8EYHqmTOJ26a0P5Wf26FPqz4SKet3bi9a1PNxxNPm1CU_-69wMicZzlYIg2HbaoTqfOFv4p1E-wG3g0zC-_LejAV_TVCGcjUdPwxKa6qe9PrKjQSxZKqMfne_WF-MoeXKJ1hKVL8HA4R6FnblDQj_GKQE1Z_mHVrWrP8hfzCjsZ-RNrwkJTz2FXYnRy0W31MgudQGeLg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "Jb8JmnedDXNnPeO3kb94EQ",
  "sub": "6160017N67",
  "rat": 1669614304,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "vjxZQaTz4p-HMuu6vTp13w",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "auth_time": 1669613807,
  "name": "ISV Dev",
  "exp": 1669621525,
  "iat": 1669614325,
  "jti": "77950550-a118-4dba-a95b-762e56e95440"
}
2022-11-28 05:45:25 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
i2iGW9G73XtWli_T1LOPEkmWHDV-4wSigGTqkqIkNDM.j4nEJKWfntpxK4-FHAKjxsmf2lGjVE8BEjy7i64Tryg1-nvlO4ORsLAWOWdy1oPbvUgVBlx9px6TSWIhzsnThQ.M18xNjY5NjE0MzI0XzE4
2022-11-28 05:45:25 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 05:45:25 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
855.6856222235942
expected
96.0
value
i2iGW9G73XtWli_T1LOPEkmWHDV-4wSigGTqkqIkNDM.j4nEJKWfntpxK4-FHAKjxsmf2lGjVE8BEjy7i64Tryg1-nvlO4ORsLAWOWdy1oPbvUgVBlx9px6TSWIhzsnThQ.M18xNjY5NjE0MzI0XzE4
2022-11-28 05:45:25 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669614323,
  "second": 1669614325,
  "note": "Values are expected to be different"
}
aud
{
  "first": "18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "second": "18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669613807,
  "second": 1669613807,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-28 05:45:25
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer 7EiPHr8LJzbSu_DD4N-McSLBOYF4H7oG8q19MKwOjXE.hvEJhJbu-Qve9-mwmyA-kU6ouHnF9h_RaYKkMgbzB6U1X8ldkybkK46DrLUqejePS59KDafrgCZWR7PGRqnreQ.M18xNjY5NjE0MzI0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:45:26 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK33226151-4783-409c-b0c0-8469963fc8d3",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844af5374fed91",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:26 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:C6eJLShJxweUAjpSelwGjErPdAsbf8OtTHXhZOtAJQw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d56E18EE2B4A54BD15E54DB85B96FC20E~-1~YAAQBmrcF3eICImEAQAAGtHEvAhWbrm+P5F5Sd0mEZ21rCKfh4CO14gzgLxpTi64lS2O9vy/Sqj4zbktZZxawW6PY1h0xZAETdGJZ6EsbFQ56Jzj3JA7zcEPApLddXMeN+kzsdOF9wTAEgj6lekcdoqRE1lvxQibEja8E6szRA++JIo6DQat5RgUM3RE5pn1/jY/3Kkbvua+hiYd58Sr8rvbZ/ZDIdk7xf8rRy7VB1ZT4EKCeMx+bdewe5leBNDYgdGmaSgTC2f74JzSNdS8mszFpcNyP6oyE4q8c/yqlr0akn5jMUAngFmmvf0DlMgoCrUlPx7kpuRFxrcAWXdaUKSz3PyjSgFf5ulZH6JmCoC9QsJQUfpvmZuGyvDo8iJQQjtpehw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:26 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9000099D466C2B3333B243DA31F40F01~YAAQBmrcF3iICImEAQAAGtHEvBFeW5R3rpVQFy+rWGWVUIyFAYnbaTbHAwFKWB0+4Nzx+Hun1I7HLTF/SpfRizL4td4TvwIrm4gMXTAxt98vd073cvXdGrAiyrv/bfQfVmInS/8gLuR/hjItLfnGHrlfLKkt2DxTAjGvJUHMU6kONM02LUBLRLWzrn+DZ25mej+BTNSzH2MLLG+zemc9xgHKY9OOaEQnogUHWpASipaCtgQCCxV0+eFU2ot7ISy8bqFlEVyaHgEhMazInf4gkcaex9C8Ce3icbz96Nu73Ice6xtasZcC7XUp4zKf~3224386~4338226; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:25 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d280",
    "origin; dur\u003d448"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614304,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:26 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK33226151-4783-409c-b0c0-8469963fc8d3",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844af5374fed91",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:26 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:C6eJLShJxweUAjpSelwGjErPdAsbf8OtTHXhZOtAJQw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d56E18EE2B4A54BD15E54DB85B96FC20E~-1~YAAQBmrcF3eICImEAQAAGtHEvAhWbrm+P5F5Sd0mEZ21rCKfh4CO14gzgLxpTi64lS2O9vy/Sqj4zbktZZxawW6PY1h0xZAETdGJZ6EsbFQ56Jzj3JA7zcEPApLddXMeN+kzsdOF9wTAEgj6lekcdoqRE1lvxQibEja8E6szRA++JIo6DQat5RgUM3RE5pn1/jY/3Kkbvua+hiYd58Sr8rvbZ/ZDIdk7xf8rRy7VB1ZT4EKCeMx+bdewe5leBNDYgdGmaSgTC2f74JzSNdS8mszFpcNyP6oyE4q8c/yqlr0akn5jMUAngFmmvf0DlMgoCrUlPx7kpuRFxrcAWXdaUKSz3PyjSgFf5ulZH6JmCoC9QsJQUfpvmZuGyvDo8iJQQjtpehw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:26 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9000099D466C2B3333B243DA31F40F01~YAAQBmrcF3iICImEAQAAGtHEvBFeW5R3rpVQFy+rWGWVUIyFAYnbaTbHAwFKWB0+4Nzx+Hun1I7HLTF/SpfRizL4td4TvwIrm4gMXTAxt98vd073cvXdGrAiyrv/bfQfVmInS/8gLuR/hjItLfnGHrlfLKkt2DxTAjGvJUHMU6kONM02LUBLRLWzrn+DZ25mej+BTNSzH2MLLG+zemc9xgHKY9OOaEQnogUHWpASipaCtgQCCxV0+eFU2ot7ISy8bqFlEVyaHgEhMazInf4gkcaex9C8Ce3icbz96Nu73Ice6xtasZcC7XUp4zKf~3224386~4338226; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:25 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d280",
    "origin; dur\u003d448"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614304,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:26 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-11-28 05:45:26 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
2c654440-2106-442c-972b-01b364e58331
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 05:45:26
CreateRandomStateValue
Created state value
requested_state_length
10
state
P2iXPmAmIW
2022-11-28 05:45:26 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
2c654440-2106-442c-972b-01b364e58331
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
P2iXPmAmIW
2022-11-28 05:45:26
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
d44nmZUVdJ
2022-11-28 05:45:26 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
2c654440-2106-442c-972b-01b364e58331
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
P2iXPmAmIW
nonce
d44nmZUVdJ
2022-11-28 05:45:26 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
2c654440-2106-442c-972b-01b364e58331
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
P2iXPmAmIW
nonce
d44nmZUVdJ
response_type
code token
2022-11-28 05:45:26 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 05:45:26 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "2c654440-2106-442c-972b-01b364e58331",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "P2iXPmAmIW",
  "nonce": "d44nmZUVdJ",
  "response_type": "code token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=2c654440-2106-442c-972b-01b364e58331&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=P2iXPmAmIW&nonce=d44nmZUVdJ&response_type=code%20token
2022-11-28 05:45:26 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=2c654440-2106-442c-972b-01b364e58331&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=P2iXPmAmIW&nonce=d44nmZUVdJ&response_type=code%20token
2022-11-28 05:45:30 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:45:30 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/w7YrIxUqDPfF6f74Ybf7",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/w7YrIxUqDPfF6f74Ybf7"
}
2022-11-28 05:45:30 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance Z4ivoFoGs56mpgu
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/w7YrIxUqDPfF6f74Ybf7, returnUrl=/log-detail.html?log=Z4ivoFoGs56mpgu}]
outgoing_path
callback
2022-11-28 05:45:31 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/w7YrIxUqDPfF6f74Ybf7
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "441"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/w7YrIxUqDPfF6f74Ybf7
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=Q4ymbZdgbvMGD1OjiCkE-ydkSp596R67YRVrWBULXCw.Q6vg7nm2IV9CvsIHw42HHBsHW8HaTLBTNK9GnLsffMFwyGo9JtHB0mNwn1Trp1mEYdZyjwkCsS-DxH9xfIXLlQ.M18xNjY5NjE0MzMwXzE4&code=mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg&expires_in=7199&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid&state=P2iXPmAmIW&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:45:31 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance Z4ivoFoGs56mpgu
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/w7YrIxUqDPfF6f74Ybf7
2022-11-28 05:45:31
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "Q4ymbZdgbvMGD1OjiCkE-ydkSp596R67YRVrWBULXCw.Q6vg7nm2IV9CvsIHw42HHBsHW8HaTLBTNK9GnLsffMFwyGo9JtHB0mNwn1Trp1mEYdZyjwkCsS-DxH9xfIXLlQ.M18xNjY5NjE0MzMwXzE4"
  },
  {
    "name": "code",
    "value": "mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg"
  },
  {
    "name": "expires_in",
    "value": "7199"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid"
  },
  {
    "name": "state",
    "value": "P2iXPmAmIW"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-28 05:45:31 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
Q4ymbZdgbvMGD1OjiCkE-ydkSp596R67YRVrWBULXCw.Q6vg7nm2IV9CvsIHw42HHBsHW8HaTLBTNK9GnLsffMFwyGo9JtHB0mNwn1Trp1mEYdZyjwkCsS-DxH9xfIXLlQ.M18xNjY5NjE0MzMwXzE4
code
mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg
expires_in
7199
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid
state
P2iXPmAmIW
token_type
bearer
2022-11-28 05:45:31 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "Q4ymbZdgbvMGD1OjiCkE-ydkSp596R67YRVrWBULXCw.Q6vg7nm2IV9CvsIHw42HHBsHW8HaTLBTNK9GnLsffMFwyGo9JtHB0mNwn1Trp1mEYdZyjwkCsS-DxH9xfIXLlQ.M18xNjY5NjE0MzMwXzE4",
  "code": "mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg",
  "expires_in": "7199",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid",
  "state": "P2iXPmAmIW",
  "token_type": "bearer"
}
post_body
Second client: Verify authorization endpoint response
2022-11-28 05:45:31 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 05:45:31 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 05:45:31 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 05:45:31 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 05:45:31 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 05:45:31 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
P2iXPmAmIW
2022-11-28 05:45:31 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg
2022-11-28 05:45:31 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
Q4ymbZdgbvMGD1OjiCkE-ydkSp596R67YRVrWBULXCw.Q6vg7nm2IV9CvsIHw42HHBsHW8HaTLBTNK9GnLsffMFwyGo9JtHB0mNwn1Trp1mEYdZyjwkCsS-DxH9xfIXLlQ.M18xNjY5NjE0MzMwXzE4
type
bearer
Second client: Userinfo endpoint tests
2022-11-28 05:45:31
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer Q4ymbZdgbvMGD1OjiCkE-ydkSp596R67YRVrWBULXCw.Q6vg7nm2IV9CvsIHw42HHBsHW8HaTLBTNK9GnLsffMFwyGo9JtHB0mNwn1Trp1mEYdZyjwkCsS-DxH9xfIXLlQ.M18xNjY5NjE0MzMwXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:45:31 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK24e5287e-a741-4a8c-ad45-1325d7f8eb1b",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844afb374fff41",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:31 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:pm133Cimg0zbQv3Y8v0teY1gBx6AsHt6VmISh9EGjTg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d0ACE4032D0061A15FB42449AE11FBE26~-1~YAAQBmrcFxWJCImEAQAAsOfEvAgkhSzGSOfNKlKJlt9hy0/CH/1Os4mQGM7GmgjENpbCc/jRlNLD7GFhH8tC6Fll9JZWx5Si/Q6fRS1/0AylV1aS5/N8AzRGd0SgJKwdzp0klxnbqKDi0faLkn1dvcD80r3qZAz3McdirPVzLAHRWcSqYojzJiseyB4cxZyLXD9rImKxaBa7sCp7PsEgNwqgz/bOxVz8lAUClRq3OXFz76TN2Blh0ZqcMfEfv1AXiMh3eu4Nb3PO6+cM4BC0Lj/OMNd7sCfDXpbwJtgpQRcxKo+KebRc4PVUMYBmWRlgIscAkooSLaK4c6prO1Fjou5yjqPQtCVvSUm8JNNkEqPhRHWoUnfbaE/VqkP/157eS5XoxeM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:31 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d966CEA1C984B9DC5C479AD9F6991E0E7~YAAQBmrcFxaJCImEAQAAsOfEvBEtOOawY/5yPVUIL014fj2pfNcKMFx0Xzdwapi0+aZOweCUbWrwJ2C+5oVpkkLkDn+rvOfo+vE5MI0Pxtx0czJdspc22E3dY29U6zECkoMxPj7iypgirHnsR32v8xBB+ANPXGhKdSqnNSRMsn+edNPu3TgIdVniRCcZCHUa8taMFwxtanClXTNT9Jetm9Ul5uS+vaK+WAoIQqmRpNxAq1OigDVTJRQxmU0Gb684pJPhwQ3BaEkn8z/9Y2hs0qAopMTNEnHPZTFhZmKjEYfA5oBfxW3Src34gcLo~4340018~4539718; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:31 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d80",
    "origin; dur\u003d134"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["2c654440-2106-442c-972b-01b364e58331"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614327,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:31 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK24e5287e-a741-4a8c-ad45-1325d7f8eb1b",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844afb374fff41",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:31 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:pm133Cimg0zbQv3Y8v0teY1gBx6AsHt6VmISh9EGjTg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d0ACE4032D0061A15FB42449AE11FBE26~-1~YAAQBmrcFxWJCImEAQAAsOfEvAgkhSzGSOfNKlKJlt9hy0/CH/1Os4mQGM7GmgjENpbCc/jRlNLD7GFhH8tC6Fll9JZWx5Si/Q6fRS1/0AylV1aS5/N8AzRGd0SgJKwdzp0klxnbqKDi0faLkn1dvcD80r3qZAz3McdirPVzLAHRWcSqYojzJiseyB4cxZyLXD9rImKxaBa7sCp7PsEgNwqgz/bOxVz8lAUClRq3OXFz76TN2Blh0ZqcMfEfv1AXiMh3eu4Nb3PO6+cM4BC0Lj/OMNd7sCfDXpbwJtgpQRcxKo+KebRc4PVUMYBmWRlgIscAkooSLaK4c6prO1Fjou5yjqPQtCVvSUm8JNNkEqPhRHWoUnfbaE/VqkP/157eS5XoxeM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:31 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d966CEA1C984B9DC5C479AD9F6991E0E7~YAAQBmrcFxaJCImEAQAAsOfEvBEtOOawY/5yPVUIL014fj2pfNcKMFx0Xzdwapi0+aZOweCUbWrwJ2C+5oVpkkLkDn+rvOfo+vE5MI0Pxtx0czJdspc22E3dY29U6zECkoMxPj7iypgirHnsR32v8xBB+ANPXGhKdSqnNSRMsn+edNPu3TgIdVniRCcZCHUa8taMFwxtanClXTNT9Jetm9Ul5uS+vaK+WAoIQqmRpNxAq1OigDVTJRQxmU0Gb684pJPhwQ3BaEkn8z/9Y2hs0qAopMTNEnHPZTFhZmKjEYfA5oBfxW3Src34gcLo~4340018~4539718; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:31 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d80",
    "origin; dur\u003d134"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["2c654440-2106-442c-972b-01b364e58331"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614327,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:31 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 05:45:31 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:45:31 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2c654440-2106-442c-972b-01b364e58331
sub
2c654440-2106-442c-972b-01b364e58331
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
mGWgAAwkZwu3I0TyDMe3
iat
1669614331
exp
1669614391
2022-11-28 05:45:31 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYzY1NDQ0MC0yMTA2LTQ0MmMtOTcyYi0wMWIzNjRlNTgzMzEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmM2NTQ0NDAtMjEwNi00NDJjLTk3MmItMDFiMzY0ZTU4MzMxIiwiZXhwIjoxNjY5NjE0MzkxLCJpYXQiOjE2Njk2MTQzMzEsImp0aSI6Im1HV2dBQXdrWnd1M0kwVHlETWUzIn0.KpDtyayiuHtiNKixcTI800xLIYm5LAjMFTJL36cJe585YSr1Ekf_gTJ9RcTBwqfIsgRZbLCLshAfEzIq1kep3xgXf6tBAgfrkDU73TNl9wgMjDA-UGnRbZ7yYunP_D4ncz97TLz12aEiPDg_YKc01OrQM77m-kEh-By-wEYKpgJhK4aocvSqXYLDS1uV7qEcfStnpGyM_TvgJ8WQ69MjDENAuF7wudi4Lh8SMVeoTFW2LEv2aePCKIzrhiI54q8sVWH3CQoMFserJ7aHZtiAOJ_Ydpnec27--fvfYUphIybbiWUQ2rq4t3mys29t9vwTf5IaBWtsvF-pKcij2ZuLCQ
2022-11-28 05:45:31
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYzY1NDQ0MC0yMTA2LTQ0MmMtOTcyYi0wMWIzNjRlNTgzMzEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmM2NTQ0NDAtMjEwNi00NDJjLTk3MmItMDFiMzY0ZTU4MzMxIiwiZXhwIjoxNjY5NjE0MzkxLCJpYXQiOjE2Njk2MTQzMzEsImp0aSI6Im1HV2dBQXdrWnd1M0kwVHlETWUzIn0.KpDtyayiuHtiNKixcTI800xLIYm5LAjMFTJL36cJe585YSr1Ekf_gTJ9RcTBwqfIsgRZbLCLshAfEzIq1kep3xgXf6tBAgfrkDU73TNl9wgMjDA-UGnRbZ7yYunP_D4ncz97TLz12aEiPDg_YKc01OrQM77m-kEh-By-wEYKpgJhK4aocvSqXYLDS1uV7qEcfStnpGyM_TvgJ8WQ69MjDENAuF7wudi4Lh8SMVeoTFW2LEv2aePCKIzrhiI54q8sVWH3CQoMFserJ7aHZtiAOJ_Ydpnec27--fvfYUphIybbiWUQ2rq4t3mys29t9vwTf5IaBWtsvF-pKcij2ZuLCQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:45:31
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=mNdZPNSTQhientqHEu2EfDWicI0p0DvHr1z_oRkrIkc.OHSEF1PXki6-F7exWLnvpUQ63ZK00XVghh8jopd71fdotznC_0oYM678BkL5iHDMuHgLNu2lyNECl62A4_CZfg&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYzY1NDQ0MC0yMTA2LTQ0MmMtOTcyYi0wMWIzNjRlNTgzMzEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmM2NTQ0NDAtMjEwNi00NDJjLTk3MmItMDFiMzY0ZTU4MzMxIiwiZXhwIjoxNjY5NjE0MzkxLCJpYXQiOjE2Njk2MTQzMzEsImp0aSI6Im1HV2dBQXdrWnd1M0kwVHlETWUzIn0.KpDtyayiuHtiNKixcTI800xLIYm5LAjMFTJL36cJe585YSr1Ekf_gTJ9RcTBwqfIsgRZbLCLshAfEzIq1kep3xgXf6tBAgfrkDU73TNl9wgMjDA-UGnRbZ7yYunP_D4ncz97TLz12aEiPDg_YKc01OrQM77m-kEh-By-wEYKpgJhK4aocvSqXYLDS1uV7qEcfStnpGyM_TvgJ8WQ69MjDENAuF7wudi4Lh8SMVeoTFW2LEv2aePCKIzrhiI54q8sVWH3CQoMFserJ7aHZtiAOJ_Ydpnec27--fvfYUphIybbiWUQ2rq4t3mys29t9vwTf5IaBWtsvF-pKcij2ZuLCQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:45:32 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK36f1baf8-ce48-4a78-b732-232af3e277d9",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844afc37500101",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 05:45:32 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:atDpuQMEOOnPPOTl+AGakghrVgyyy+142/HiC2FaZxE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB450A8625333837B9AEC069E6CF01A26~-1~YAAQBmrcFxmJCImEAQAADOnEvAjZu50no1iuJDDpKMgCRZ+cTqXwDqJeAdWn8G6IBHo98hGFEZHxlMTrwSXl3DLiYD9YNB93E1eulPxdFMubHjj9MS48VCAmzA1hUBzeLsyZAAbNkpexx900RhIbW8XQI8t5zx+FO8kKe35GOYTI2vSzx5Ye+XCPfaojkKUupzW5ciSwGSPSCIP1vUcjQOSIsafxwQ3Sov9Px4F/pCHarzjeXtD7rceUSIxfc8MwZuMuY+keib64wEIV0YFaY2cAqWh2XbkMg6AjmV8sOI+dgbXkdG00IiYMiYcXrk5w0qGbODTah3OojVP2FqsigRsWwptFn9W0BnSGFKCNi29p3MM9o24nhWW16twLBgdPjKtvh40\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:32 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d739DDB7DFFFCAF75361AD315214F7648~YAAQBmrcFxqJCImEAQAADOnEvBECL/AbHR5OMvFS3lDGFFCooWmNPFPmFmxKg/5dCEyPPIpvIbttqIqgKuOoCUFXEU3lMChvll/ty43n6ne6DbYmumbNUP78mrMaFypwkFGJ76ROCmAmp3xPq0l1ALPzxh3TjGky3/Dt7uu5swQr+9QHmP9mbSax5csxM3WO5bLpH03+QTo+FwX0SnOrGHRKur/lAqzQr2wUQsXW96LOC10zON0pECnK7Qc+rId/Xq0+ctmCPKP4LL3he7+RsAx9H69VAL7mdwJy8K2C7Jx50149jHQhOI0qY9YJ~4340018~4539718; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:31 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d92",
    "origin; dur\u003d150"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"Sm07XgJPLWjGk6dl6-tUE9Fp92qwfvIYPmqpNsP4eZw.4RP0RRNF5LXg-Yc21MaFSml1SyljYFtQsQ33vlCK_EwmTqmXzqJLEECqC0uOijm6iKJfIOi6guPiAzxorbL4EA.M18xNjY5NjE0MzMyXzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJmYTlBMXJrc1piTncwUGp6NkVzcHVnIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMiwiaWF0IjoxNjY5NjE0MzMyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJmZmRkZDg5Yi0xYTE5LTQ1YmEtOGFjMS1mNDcwOWQ3YmZhNTEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZDQ0bm1aVVZkSiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoia1lsdldEZWV3bUZ2bmNFWHppZkFVUSIsInNfaGFzaCI6InZzd3VtSUFNZUdubi1MMHpBWEZJc0EiLCJzdWIiOiI2MTYwMDE3TjY3In0.dthILUADnabgTJFmm1E655_EjNRjvHFuCM3Iu3NtlKAm2RYShR7tzEFKagX3tgxpZHZeyjpliIlbb7cmimVjqFn_1rUX1kaFTYlujTuKJNAxsc7YE-KFOQbTvI485oCG9WVq2nfI5rAlmJxwMhVI-OMCmFFBJ9dR3wbp8kazDkt15nnUp_FOQzIKEXjs-Aj-8Ou0vIba85kYQPlJp9DsarJI2VIbbs3NzH5fRO_aXuQ2Xl_y9P4nMIyQVT7FxnjoO0rp-RfvOrfgqcpijdc4rBG_hZspInTLAyAt3Z5Hkg49cJOjm3KlTbR8k7YDnp-ECBOodQtTvXMvC7iG1uM2Lw","refresh_token":"BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:45:32 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
Sm07XgJPLWjGk6dl6-tUE9Fp92qwfvIYPmqpNsP4eZw.4RP0RRNF5LXg-Yc21MaFSml1SyljYFtQsQ33vlCK_EwmTqmXzqJLEECqC0uOijm6iKJfIOi6guPiAzxorbL4EA.M18xNjY5NjE0MzMyXzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJmYTlBMXJrc1piTncwUGp6NkVzcHVnIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMiwiaWF0IjoxNjY5NjE0MzMyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJmZmRkZDg5Yi0xYTE5LTQ1YmEtOGFjMS1mNDcwOWQ3YmZhNTEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZDQ0bm1aVVZkSiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoia1lsdldEZWV3bUZ2bmNFWHppZkFVUSIsInNfaGFzaCI6InZzd3VtSUFNZUdubi1MMHpBWEZJc0EiLCJzdWIiOiI2MTYwMDE3TjY3In0.dthILUADnabgTJFmm1E655_EjNRjvHFuCM3Iu3NtlKAm2RYShR7tzEFKagX3tgxpZHZeyjpliIlbb7cmimVjqFn_1rUX1kaFTYlujTuKJNAxsc7YE-KFOQbTvI485oCG9WVq2nfI5rAlmJxwMhVI-OMCmFFBJ9dR3wbp8kazDkt15nnUp_FOQzIKEXjs-Aj-8Ou0vIba85kYQPlJp9DsarJI2VIbbs3NzH5fRO_aXuQ2Xl_y9P4nMIyQVT7FxnjoO0rp-RfvOrfgqcpijdc4rBG_hZspInTLAyAt3Z5Hkg49cJOjm3KlTbR8k7YDnp-ECBOodQtTvXMvC7iG1uM2Lw
refresh_token
BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4
scope
openid
token_type
bearer
2022-11-28 05:45:32 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:45:32 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
Sm07XgJPLWjGk6dl6-tUE9Fp92qwfvIYPmqpNsP4eZw.4RP0RRNF5LXg-Yc21MaFSml1SyljYFtQsQ33vlCK_EwmTqmXzqJLEECqC0uOijm6iKJfIOi6guPiAzxorbL4EA.M18xNjY5NjE0MzMyXzE4
2022-11-28 05:45:32 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
Sm07XgJPLWjGk6dl6-tUE9Fp92qwfvIYPmqpNsP4eZw.4RP0RRNF5LXg-Yc21MaFSml1SyljYFtQsQ33vlCK_EwmTqmXzqJLEECqC0uOijm6iKJfIOi6guPiAzxorbL4EA.M18xNjY5NjE0MzMyXzE4
type
bearer
2022-11-28 05:45:32 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 05:45:32 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 05:45:32 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4
2022-11-28 05:45:32 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJmYTlBMXJrc1piTncwUGp6NkVzcHVnIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMiwiaWF0IjoxNjY5NjE0MzMyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJmZmRkZDg5Yi0xYTE5LTQ1YmEtOGFjMS1mNDcwOWQ3YmZhNTEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZDQ0bm1aVVZkSiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoia1lsdldEZWV3bUZ2bmNFWHppZkFVUSIsInNfaGFzaCI6InZzd3VtSUFNZUdubi1MMHpBWEZJc0EiLCJzdWIiOiI2MTYwMDE3TjY3In0.dthILUADnabgTJFmm1E655_EjNRjvHFuCM3Iu3NtlKAm2RYShR7tzEFKagX3tgxpZHZeyjpliIlbb7cmimVjqFn_1rUX1kaFTYlujTuKJNAxsc7YE-KFOQbTvI485oCG9WVq2nfI5rAlmJxwMhVI-OMCmFFBJ9dR3wbp8kazDkt15nnUp_FOQzIKEXjs-Aj-8Ou0vIba85kYQPlJp9DsarJI2VIbbs3NzH5fRO_aXuQ2Xl_y9P4nMIyQVT7FxnjoO0rp-RfvOrfgqcpijdc4rBG_hZspInTLAyAt3Z5Hkg49cJOjm3KlTbR8k7YDnp-ECBOodQtTvXMvC7iG1uM2Lw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "fa9A1rksZbNw0Pjz6Espug",
  "sub": "6160017N67",
  "rat": 1669614327,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "d44nmZUVdJ",
  "rt_hash": "kYlvWDeewmFvncEXzifAUQ",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "2c654440-2106-442c-972b-01b364e58331",
  "s_hash": "vswumIAMeGnn-L0zAXFIsA",
  "auth_time": 1669613807,
  "name": "ISV Dev",
  "exp": 1669621532,
  "iat": 1669614332,
  "jti": "ffddd89b-1a19-45ba-8ac1-f4709d7bfa51"
}
2022-11-28 05:45:32 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:45:32
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:45:32
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:45:32
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:45:32
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:45:32
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 05:45:32
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:45:32 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:45:32 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
d44nmZUVdJ
2022-11-28 05:45:32 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:45:32 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJmYTlBMXJrc1piTncwUGp6NkVzcHVnIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMiwiaWF0IjoxNjY5NjE0MzMyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJmZmRkZDg5Yi0xYTE5LTQ1YmEtOGFjMS1mNDcwOWQ3YmZhNTEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZDQ0bm1aVVZkSiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoia1lsdldEZWV3bUZ2bmNFWHppZkFVUSIsInNfaGFzaCI6InZzd3VtSUFNZUdubi1MMHpBWEZJc0EiLCJzdWIiOiI2MTYwMDE3TjY3In0.dthILUADnabgTJFmm1E655_EjNRjvHFuCM3Iu3NtlKAm2RYShR7tzEFKagX3tgxpZHZeyjpliIlbb7cmimVjqFn_1rUX1kaFTYlujTuKJNAxsc7YE-KFOQbTvI485oCG9WVq2nfI5rAlmJxwMhVI-OMCmFFBJ9dR3wbp8kazDkt15nnUp_FOQzIKEXjs-Aj-8Ou0vIba85kYQPlJp9DsarJI2VIbbs3NzH5fRO_aXuQ2Xl_y9P4nMIyQVT7FxnjoO0rp-RfvOrfgqcpijdc4rBG_hZspInTLAyAt3Z5Hkg49cJOjm3KlTbR8k7YDnp-ECBOodQtTvXMvC7iG1uM2Lw
2022-11-28 05:45:32 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJmYTlBMXJrc1piTncwUGp6NkVzcHVnIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMiwiaWF0IjoxNjY5NjE0MzMyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJmZmRkZDg5Yi0xYTE5LTQ1YmEtOGFjMS1mNDcwOWQ3YmZhNTEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZDQ0bm1aVVZkSiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoia1lsdldEZWV3bUZ2bmNFWHppZkFVUSIsInNfaGFzaCI6InZzd3VtSUFNZUdubi1MMHpBWEZJc0EiLCJzdWIiOiI2MTYwMDE3TjY3In0.dthILUADnabgTJFmm1E655_EjNRjvHFuCM3Iu3NtlKAm2RYShR7tzEFKagX3tgxpZHZeyjpliIlbb7cmimVjqFn_1rUX1kaFTYlujTuKJNAxsc7YE-KFOQbTvI485oCG9WVq2nfI5rAlmJxwMhVI-OMCmFFBJ9dR3wbp8kazDkt15nnUp_FOQzIKEXjs-Aj-8Ou0vIba85kYQPlJp9DsarJI2VIbbs3NzH5fRO_aXuQ2Xl_y9P4nMIyQVT7FxnjoO0rp-RfvOrfgqcpijdc4rBG_hZspInTLAyAt3Z5Hkg49cJOjm3KlTbR8k7YDnp-ECBOodQtTvXMvC7iG1uM2Lw
2022-11-28 05:45:32 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:45:32
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:45:32 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:45:32 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4
2022-11-28 05:45:32 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 05:45:32 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-11-28 05:45:32 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4
2022-11-28 05:45:32 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2c654440-2106-442c-972b-01b364e58331
sub
2c654440-2106-442c-972b-01b364e58331
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
uaxbqmTGxcKnuje4voUf
iat
1669614332
exp
1669614392
2022-11-28 05:45:32 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYzY1NDQ0MC0yMTA2LTQ0MmMtOTcyYi0wMWIzNjRlNTgzMzEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmM2NTQ0NDAtMjEwNi00NDJjLTk3MmItMDFiMzY0ZTU4MzMxIiwiZXhwIjoxNjY5NjE0MzkyLCJpYXQiOjE2Njk2MTQzMzIsImp0aSI6InVheGJxbVRHeGNLbnVqZTR2b1VmIn0.cc7J0GzQFUhjgkemhkAnyG7UNCdyO0mMRascOk_5JL9H6XztOAgwOzsepkjwNIyY21eCnkenn5dNDAHQBKHu1xMjS4kbqfJDVSbngrtY18UeQwzPb0ORrKHHfrl69tiIvTorZ15Mg67rKW-AWuJ0XCyMaIjxAfI07FUWVbCAeAmLoNQgUehJHMtUJvjEM7ysi_m4juuj4GIcIMr-P-RmiLhvAgMJs-5nI-GZmnxdsgxpBvSBYBfnetMpJdbgSv0Ay0QZ1mMxUPRGQwoFRi-_kredWQxmAP_DChyHNF9a1ImYiFNdizlfHPAHh2pfyLGj4yT8KkoN_BNQFo_dZeT2RA
2022-11-28 05:45:32
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYzY1NDQ0MC0yMTA2LTQ0MmMtOTcyYi0wMWIzNjRlNTgzMzEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmM2NTQ0NDAtMjEwNi00NDJjLTk3MmItMDFiMzY0ZTU4MzMxIiwiZXhwIjoxNjY5NjE0MzkyLCJpYXQiOjE2Njk2MTQzMzIsImp0aSI6InVheGJxbVRHeGNLbnVqZTR2b1VmIn0.cc7J0GzQFUhjgkemhkAnyG7UNCdyO0mMRascOk_5JL9H6XztOAgwOzsepkjwNIyY21eCnkenn5dNDAHQBKHu1xMjS4kbqfJDVSbngrtY18UeQwzPb0ORrKHHfrl69tiIvTorZ15Mg67rKW-AWuJ0XCyMaIjxAfI07FUWVbCAeAmLoNQgUehJHMtUJvjEM7ysi_m4juuj4GIcIMr-P-RmiLhvAgMJs-5nI-GZmnxdsgxpBvSBYBfnetMpJdbgSv0Ay0QZ1mMxUPRGQwoFRi-_kredWQxmAP_DChyHNF9a1ImYiFNdizlfHPAHh2pfyLGj4yT8KkoN_BNQFo_dZeT2RA
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:45:32 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 05:45:33 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 05:45:33
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "974"
}
request_body
grant_type=refresh_token&refresh_token=BigqyHvdRYM7aQvI2CiBGfD9dY4VWxl0smbhI2RBbAc.WoP8zW4vxg05jXJz7RYOiu3aZxBG6xKO7GvAnVQ3TgqlqFGitKcZFeUt1zHYExtsscONqKITt7A6z2pa9msvsQ.M18xNjY5NjE0MzMyXzE4&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYzY1NDQ0MC0yMTA2LTQ0MmMtOTcyYi0wMWIzNjRlNTgzMzEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmM2NTQ0NDAtMjEwNi00NDJjLTk3MmItMDFiMzY0ZTU4MzMxIiwiZXhwIjoxNjY5NjE0MzkyLCJpYXQiOjE2Njk2MTQzMzIsImp0aSI6InVheGJxbVRHeGNLbnVqZTR2b1VmIn0.cc7J0GzQFUhjgkemhkAnyG7UNCdyO0mMRascOk_5JL9H6XztOAgwOzsepkjwNIyY21eCnkenn5dNDAHQBKHu1xMjS4kbqfJDVSbngrtY18UeQwzPb0ORrKHHfrl69tiIvTorZ15Mg67rKW-AWuJ0XCyMaIjxAfI07FUWVbCAeAmLoNQgUehJHMtUJvjEM7ysi_m4juuj4GIcIMr-P-RmiLhvAgMJs-5nI-GZmnxdsgxpBvSBYBfnetMpJdbgSv0Ay0QZ1mMxUPRGQwoFRi-_kredWQxmAP_DChyHNF9a1ImYiFNdizlfHPAHh2pfyLGj4yT8KkoN_BNQFo_dZeT2RA&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:45:33 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKd0f015ed-e2f2-4d2d-8025-fe74496d9ad9",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844afd11a9a6c9",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 05:45:33 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:ZAwgl4vxACS7FhXSw5pAY0gaA0u9iOZS4WXhabK3qBY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d02434709882075591C584F64F95C1645~-1~YAAQBmrcFyuJCImEAQAAZ+7EvAjNHP3Z2M6gAf4kE3Paf9EdRzBRM8u3GzsLtm7zGcvuBpO7UZxRd6Hb2gegjEiC1mujC/gAERNVjkRIEVcQsWB7+UWVVwaiYX6w2RU7muDFC2EhVJW/KrUuNxZfzYtMH5w2+3ctkoEysEIw0O6/EQmR71hP6cbVvdLJyZbcg6IdT6lfpHqOKadnxuoom9Ezr5eYGrrm2xzub2+Zo2zaPEQor1v+aAtrfDWaRVdHAoYEMTXWUKgv5YzRP9VOWKyJdPxdny+M7YqgDkMSVL8/sbidqR+pJnnbBuz1oHeM3zeYwX/zcmybZ+kZLGLZQF9pmNo7SM90xNWn7Titz1euh1gF64v5+u5Oh+EN87I7nIuN7TY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:33 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9B21CF5C7507D02F47E7714565686D56~YAAQBmrcFyyJCImEAQAAZ+7EvBHVeIe7EKrW3EZNpDROButlRatOX8bD5wYNThGJVjE83IAu0PvGzfvI4ST82zBcUkN/1SY22xitL1rN2Jv7XHsuEkWZCCJsZG2tS+vlEMAEtGmb05hgsJQ7e9K1PPublfVw3LfxT0ynAFIdN3Rm/85ib4/7+UUXN3PqCEmunq1cX8PPbOFAn3c9BycKwPvov1fxY23lZ5zVIZiK4Xvmtkf/xBDDOFBvIoB26glTQQHa93WbdH6V6OxEwBC2SqptCRkgiOVmbKpEfgap5awzhACgmmsp1+GI4Pdp~3359539~4601138; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:33 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d98",
    "origin; dur\u003d153"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"aIMBPRDGrUhejRXj-HIG6pqExmmwtUK8YGF2mzebofE.n6qgr5EUVqntLl3Zhz8p_AdBQ5wy_luCJOL0AhUnovFZnH1Rn1WZHPjtWuqdQ2J1OkwfoUUXzZlHmrzKv-pbCg.M18xNjY5NjE0MzMzXzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0cHotbnRFQVljNGc2QkZEZmpNVVNBIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMywiaWF0IjoxNjY5NjE0MzMzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZWFhYWU0My1iY2U1LTQxY2MtYmNhZS0xZjg5ZGMzYzFkZWEiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiMllGeVJsVGtKVnAxSEhObjdNSmhJZyIsInN1YiI6IjYxNjAwMTdONjcifQ.MFsa5RCaeDj9YbmqXD3T3LYNjX_1Xy25kPyq5ziu9hNG4jDT9H98NlLjGYnfzwZOEGvD1DGHZ0MNACjGnBirHdxcZWB9dYsDxaLVW62S4t1Rs9myAhJYxz8vk9ivHsDOnezxhoOTPUFibRxlPF9Zt15lbqxAiOrrUD7xY6WUmd5vkx83n5zxMXgrp7Aj3Al6JSg9gvKIauyc4vZumCVTYZDaFLJNMIjsbEchZpK73slHN9EuXUrCgGHrjvwx_WqSM5mEn_7eXXb924zrcLgYItPXURu2VoU3NDx0_OklW-wBTEXYpWVpQKWcoihf9FYlPfoC3eTpDaFkKaH1MoLM3A","refresh_token":"Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4","scope":"openid","token_type":"bearer"}
2022-11-28 05:45:33 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
aIMBPRDGrUhejRXj-HIG6pqExmmwtUK8YGF2mzebofE.n6qgr5EUVqntLl3Zhz8p_AdBQ5wy_luCJOL0AhUnovFZnH1Rn1WZHPjtWuqdQ2J1OkwfoUUXzZlHmrzKv-pbCg.M18xNjY5NjE0MzMzXzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0cHotbnRFQVljNGc2QkZEZmpNVVNBIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMywiaWF0IjoxNjY5NjE0MzMzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZWFhYWU0My1iY2U1LTQxY2MtYmNhZS0xZjg5ZGMzYzFkZWEiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiMllGeVJsVGtKVnAxSEhObjdNSmhJZyIsInN1YiI6IjYxNjAwMTdONjcifQ.MFsa5RCaeDj9YbmqXD3T3LYNjX_1Xy25kPyq5ziu9hNG4jDT9H98NlLjGYnfzwZOEGvD1DGHZ0MNACjGnBirHdxcZWB9dYsDxaLVW62S4t1Rs9myAhJYxz8vk9ivHsDOnezxhoOTPUFibRxlPF9Zt15lbqxAiOrrUD7xY6WUmd5vkx83n5zxMXgrp7Aj3Al6JSg9gvKIauyc4vZumCVTYZDaFLJNMIjsbEchZpK73slHN9EuXUrCgGHrjvwx_WqSM5mEn_7eXXb924zrcLgYItPXURu2VoU3NDx0_OklW-wBTEXYpWVpQKWcoihf9FYlPfoC3eTpDaFkKaH1MoLM3A
refresh_token
Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4
scope
openid
token_type
bearer
2022-11-28 05:45:33 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 05:45:33 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 05:45:33 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 05:45:33 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:45:33 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
aIMBPRDGrUhejRXj-HIG6pqExmmwtUK8YGF2mzebofE.n6qgr5EUVqntLl3Zhz8p_AdBQ5wy_luCJOL0AhUnovFZnH1Rn1WZHPjtWuqdQ2J1OkwfoUUXzZlHmrzKv-pbCg.M18xNjY5NjE0MzMzXzE4
type
bearer
2022-11-28 05:45:33 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 05:45:33 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
861.9502847300851
expected
96.0
value
aIMBPRDGrUhejRXj-HIG6pqExmmwtUK8YGF2mzebofE.n6qgr5EUVqntLl3Zhz8p_AdBQ5wy_luCJOL0AhUnovFZnH1Rn1WZHPjtWuqdQ2J1OkwfoUUXzZlHmrzKv-pbCg.M18xNjY5NjE0MzMzXzE4
2022-11-28 05:45:33 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 05:45:33 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 05:45:33 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 05:45:33 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
Sm07XgJPLWjGk6dl6-tUE9Fp92qwfvIYPmqpNsP4eZw.4RP0RRNF5LXg-Yc21MaFSml1SyljYFtQsQ33vlCK_EwmTqmXzqJLEECqC0uOijm6iKJfIOi6guPiAzxorbL4EA.M18xNjY5NjE0MzMyXzE4
second_access_token
aIMBPRDGrUhejRXj-HIG6pqExmmwtUK8YGF2mzebofE.n6qgr5EUVqntLl3Zhz8p_AdBQ5wy_luCJOL0AhUnovFZnH1Rn1WZHPjtWuqdQ2J1OkwfoUUXzZlHmrzKv-pbCg.M18xNjY5NjE0MzMzXzE4
2022-11-28 05:45:33 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0cHotbnRFQVljNGc2QkZEZmpNVVNBIiwiYXVkIjpbIjJjNjU0NDQwLTIxMDYtNDQyYy05NzJiLTAxYjM2NGU1ODMzMSJdLCJhdXRoX3RpbWUiOjE2Njk2MTM4MDcsImV4cCI6MTY2OTYyMTUzMywiaWF0IjoxNjY5NjE0MzMzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZWFhYWU0My1iY2U1LTQxY2MtYmNhZS0xZjg5ZGMzYzFkZWEiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE0MzI3LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiMllGeVJsVGtKVnAxSEhObjdNSmhJZyIsInN1YiI6IjYxNjAwMTdONjcifQ.MFsa5RCaeDj9YbmqXD3T3LYNjX_1Xy25kPyq5ziu9hNG4jDT9H98NlLjGYnfzwZOEGvD1DGHZ0MNACjGnBirHdxcZWB9dYsDxaLVW62S4t1Rs9myAhJYxz8vk9ivHsDOnezxhoOTPUFibRxlPF9Zt15lbqxAiOrrUD7xY6WUmd5vkx83n5zxMXgrp7Aj3Al6JSg9gvKIauyc4vZumCVTYZDaFLJNMIjsbEchZpK73slHN9EuXUrCgGHrjvwx_WqSM5mEn_7eXXb924zrcLgYItPXURu2VoU3NDx0_OklW-wBTEXYpWVpQKWcoihf9FYlPfoC3eTpDaFkKaH1MoLM3A
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "4pz-ntEAYc4g6BFDfjMUSA",
  "sub": "6160017N67",
  "rat": 1669614327,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "2YFyRlTkJVp1HHNn7MJhIg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "2c654440-2106-442c-972b-01b364e58331",
  "auth_time": 1669613807,
  "name": "ISV Dev",
  "exp": 1669621533,
  "iat": 1669614333,
  "jti": "beaaae43-bce5-41cc-bcae-1f89dc3c1dea"
}
2022-11-28 05:45:33 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4
2022-11-28 05:45:33 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 05:45:33 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
829.5535668123035
expected
96.0
value
Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4
2022-11-28 05:45:33 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669614332,
  "second": 1669614333,
  "note": "Values are expected to be different"
}
aud
{
  "first": "2c654440-2106-442c-972b-01b364e58331",
  "second": "2c654440-2106-442c-972b-01b364e58331",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669613807,
  "second": 1669613807,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2022-11-28 05:45:33
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer aIMBPRDGrUhejRXj-HIG6pqExmmwtUK8YGF2mzebofE.n6qgr5EUVqntLl3Zhz8p_AdBQ5wy_luCJOL0AhUnovFZnH1Rn1WZHPjtWuqdQ2J1OkwfoUUXzZlHmrzKv-pbCg.M18xNjY5NjE0MzMzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:45:33 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7ffacdf3-26b8-4929-b1fe-83b40bae7c2c",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844afd01daebab",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:33 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:vH5vIIdA1nW6GHgJyfk48saix3ztgZwbALborozJYDc\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD50FC416B0561A8BE03D26AE35B31E85~-1~YAAQBmrcFzaJCImEAQAAiO/EvAg83GjU84cnPFXKzE3bMvp7zEXMN9274NWkJ6uNcwTYpY0ESh32+oCV+UZpc4uh69+qLz8lcUXYvks/bzghu3EPFcoGvbGAS1gjcqngCBXknp98gFZNU2idG3tvdxUB1ApPWJe4LtO31XPYSTkXBkrZCPOe0WvN7sUHZmETC+2I5Z/+O79wdWiZOqKeZKtNklDznjFv6JtMwvqJwBqN3GAK3oQ47kUloLsXqsKkGDluzY0CR6MIRJ4EICaO5z6AoDoD5mND5TRY2I9zrnsqywNBqL7K3ou/bRLRyL+0iwcgkpGnke0NbZUdbRvKYeaKywMf6/tu6lU533sVcXVwO8EKJO4bvh0r2YJsPpPI/cYTgQM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:33 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA7AB06452E9E72596E3FF8F0B055817C~YAAQBmrcFzeJCImEAQAAiO/EvBFf4xeI+ZfbFfwsJQFy0/PeOGaSUGxlvRWrQ+vYkixYj+sCR4tcJjCOaehzfIvqwpgfOwuX/KCMjxZyjKSTnMqlyp8dHUYtOgrsr3t6NVFRJfgPE0xC2mXo0pLJpZuKd+IReZ6G3owRi1OknVwW1ab6e52MdXDwfqhTsV5BlFGgtO5+pkBOlRG/BS4gNblAlaVxwhkmuzWIT/L43nGxy0rFg6JNlbI1/Ik4aj8GcZDWNYSzi2+nAe2q3JA7vltIYs1FPEiMHyxFnp1IQgS8RHZf8QdxXdFnO6bR~3359539~4601138; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:33 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d86",
    "origin; dur\u003d94"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["2c654440-2106-442c-972b-01b364e58331"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614327,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:33 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7ffacdf3-26b8-4929-b1fe-83b40bae7c2c",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844afd01daebab",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 05:45:33 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:vH5vIIdA1nW6GHgJyfk48saix3ztgZwbALborozJYDc\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD50FC416B0561A8BE03D26AE35B31E85~-1~YAAQBmrcFzaJCImEAQAAiO/EvAg83GjU84cnPFXKzE3bMvp7zEXMN9274NWkJ6uNcwTYpY0ESh32+oCV+UZpc4uh69+qLz8lcUXYvks/bzghu3EPFcoGvbGAS1gjcqngCBXknp98gFZNU2idG3tvdxUB1ApPWJe4LtO31XPYSTkXBkrZCPOe0WvN7sUHZmETC+2I5Z/+O79wdWiZOqKeZKtNklDznjFv6JtMwvqJwBqN3GAK3oQ47kUloLsXqsKkGDluzY0CR6MIRJ4EICaO5z6AoDoD5mND5TRY2I9zrnsqywNBqL7K3ou/bRLRyL+0iwcgkpGnke0NbZUdbRvKYeaKywMf6/tu6lU533sVcXVwO8EKJO4bvh0r2YJsPpPI/cYTgQM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:33 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA7AB06452E9E72596E3FF8F0B055817C~YAAQBmrcFzeJCImEAQAAiO/EvBFf4xeI+ZfbFfwsJQFy0/PeOGaSUGxlvRWrQ+vYkixYj+sCR4tcJjCOaehzfIvqwpgfOwuX/KCMjxZyjKSTnMqlyp8dHUYtOgrsr3t6NVFRJfgPE0xC2mXo0pLJpZuKd+IReZ6G3owRi1OknVwW1ab6e52MdXDwfqhTsV5BlFGgtO5+pkBOlRG/BS4gNblAlaVxwhkmuzWIT/L43nGxy0rFg6JNlbI1/Ik4aj8GcZDWNYSzi2+nAe2q3JA7vltIYs1FPEiMHyxFnp1IQgS8RHZf8QdxXdFnO6bR~3359539~4601138; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:33 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d86",
    "origin; dur\u003d94"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["2c654440-2106-442c-972b-01b364e58331"],"auth_time":1669613807,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669614327,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 05:45:33 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-11-28 05:45:33 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4
2022-11-28 05:45:33 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4
scope
openid
2022-11-28 05:45:33 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
sub
18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
ZbEzHdXa3AiMgnLbSb3n
iat
1669614333
exp
1669614393
2022-11-28 05:45:33 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzkzLCJpYXQiOjE2Njk2MTQzMzMsImp0aSI6IlpiRXpIZFhhM0FpTWduTGJTYjNuIn0.UlzuL217JhP37t-U2kNb6yOM16cNMpp3gI3Dq60F1jjhLGSO1y4D4WW97cALLc5TLhxLYNiiCeZiBa5EN3Q3bAWQ52UzzS6s5Y-BR-gsrqhD7IHuI-pTBFrVHVBdu4dOOvKyalNA29L1KEshNVSRhaiH86k0ktRb3exbZoKbyqnJJljDWbN9ueqGbmjkC3z1zJgn5o1KT7VyGzXNc-rd0YCk-hvln73zanoIy-lssfbuezezyse-Tl8UwoqvaSa9oeZZWWmkVChErwRhWGh1WFFS0nZ-T8OXWi_G66o9MTxnzSyThHHqvC90I_ESI6p0VjZ-p0Op3rax4DxCZugSVA
2022-11-28 05:45:33
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzkzLCJpYXQiOjE2Njk2MTQzMzMsImp0aSI6IlpiRXpIZFhhM0FpTWduTGJTYjNuIn0.UlzuL217JhP37t-U2kNb6yOM16cNMpp3gI3Dq60F1jjhLGSO1y4D4WW97cALLc5TLhxLYNiiCeZiBa5EN3Q3bAWQ52UzzS6s5Y-BR-gsrqhD7IHuI-pTBFrVHVBdu4dOOvKyalNA29L1KEshNVSRhaiH86k0ktRb3exbZoKbyqnJJljDWbN9ueqGbmjkC3z1zJgn5o1KT7VyGzXNc-rd0YCk-hvln73zanoIy-lssfbuezezyse-Tl8UwoqvaSa9oeZZWWmkVChErwRhWGh1WFFS0nZ-T8OXWi_G66o9MTxnzSyThHHqvC90I_ESI6p0VjZ-p0Op3rax4DxCZugSVA
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:45:33
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=Bs8TML01zEPo48TH8UvJ2P3ZFM3uAv-zfCOnbu02BnQ.0rRNcCQN0rqh70M-u6hTAoRQwuhOC2yl81PQv4OM7NugUZkO2Rmib2UR5sXpc6bukYrIMuwMEeTuFEZFMCJQnw.M18xNjY5NjE0MzMzXzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxOGVlNDE0NS1hYzY5LTRiOTItODhkMC01ZjRjYjJlOWE5YjEiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMThlZTQxNDUtYWM2OS00YjkyLTg4ZDAtNWY0Y2IyZTlhOWIxIiwiZXhwIjoxNjY5NjE0MzkzLCJpYXQiOjE2Njk2MTQzMzMsImp0aSI6IlpiRXpIZFhhM0FpTWduTGJTYjNuIn0.UlzuL217JhP37t-U2kNb6yOM16cNMpp3gI3Dq60F1jjhLGSO1y4D4WW97cALLc5TLhxLYNiiCeZiBa5EN3Q3bAWQ52UzzS6s5Y-BR-gsrqhD7IHuI-pTBFrVHVBdu4dOOvKyalNA29L1KEshNVSRhaiH86k0ktRb3exbZoKbyqnJJljDWbN9ueqGbmjkC3z1zJgn5o1KT7VyGzXNc-rd0YCk-hvln73zanoIy-lssfbuezezyse-Tl8UwoqvaSa9oeZZWWmkVChErwRhWGh1WFFS0nZ-T8OXWi_G66o9MTxnzSyThHHqvC90I_ESI6p0VjZ-p0Op3rax4DxCZugSVA&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:45:34 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "x-backside-transport": "FAIL FAIL",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb2efbb22-ccc9-4b27-b28c-4dcc97100d4d",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844afe37500711",
  "content-length": "157",
  "date": "Mon, 28 Nov 2022 05:45:34 GMT",
  "connection": "close",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:jIyqKPOYhZTBfQUDP76MoXh/f12pprT+d8D6PrgNi90\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d885F5D3AE1A58AC64054DFC1EAADB8E4~-1~YAAQBmrcFzqJCImEAQAA1fDEvAh4+VzW7yTlmn/IkdN7/GrRq8UHbiR8tpPJo3PCijDzjRRyekGMST96sX3lo/fsevYMe3/6QB0Ztm1kZ79SlcHw7yKeWIFa0U3yq2tkRN4cUexycSO/PJyT0ugBBAxjraztCbahLzvdMqPJZ9gzShmRUFgJmtLmyQLmsWBouRe0qxl/Z9hQwsF/OPJAQvrxcYtDb1XlACxsVM5h1HbocLctWwkB8n6nLdzkZVrARWISuhWEn0GxITADv530V0TYV4mhZ4iZxmoVCHDMBGDFTzxvcEmkEeSM3FM85BdQ6m+BGq1xyCASwaZTDnadmzODw7s2c3EzvlNEH+lDm5YX4vUPpiS94w/kN6jAV3n88N9v0hs\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:34 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD93130AB22C51315D5E57C0FAB2B25A5~YAAQBmrcFzuJCImEAQAA1fDEvBEEYvE1bydmIUVAQHVgKAgxC+GvGGWi6SnRxIlQ85VxTnxJGT8Gl0mp1+xJ4UFJPRCHyhxUr5MbWRmD2q4kuaTcNJyQEElmuXGoQagqY8uGDIaI4WKw1Ie8ny92Mwbzz2DUs0fdrDV8xUOxYGPFL4qND+4EPzkOchOnGRuwU9PPQp7YbkTQd9/21Vqwe8jJh9s9W+mTm3VxuX7khyAgpCpa+8GGzGukmc1HUuZxjELXL+nB88hjbHK51gEwZQlrzvhAVm9ayMjM3HBEp6e6mQvshewYUuvn8KMk~3359539~4601138; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:33 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d82",
    "origin; dur\u003d143"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."}
2022-11-28 05:45:34 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance.
2022-11-28 05:45:34 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-11-28 05:45:34 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-11-28 05:45:34 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 05:45:34 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-11-28 05:45:34 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-28 05:45:34
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/18ee4145-ac69-4b92-88d0-5f4cb2e9a9b1
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer 1D6-1T6NMTtsJFvQrZrNTn2NS0D0gCf647EZbDa2kos.u9SI10-j8DNndgMoE4xIq5YK44NbqF9AgV6jSfj9gaGhrY6szgsA6dV2kkk3n72ETl_lzF-_txWSBW07-kqmWQ.M18xNjY5NjE0Mjk0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:45:35 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK9ac8f4b6-de5b-4dcb-b06d-63c2640ca774",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844afe21aecae5",
  "date": "Mon, 28 Nov 2022 05:45:35 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:x0D2fG/Kjn1ZqLHcq6OqIvD+l+uLGxam302+x3pAPAE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d30C38EDF65D6CA4DA2202790EE1917E8~-1~YAAQBmrcF3uJCImEAQAAGPfEvAh3TsbzNaaUdbG9sGDHKEQ6YBTtBKo46o5doie6LMGQwljwrpbrX1VvAjtghs7tMCs3sMK72M7ezCRkzqTiG9E2Hkwu8IC1LX5GQYLgVggmlUkzLWbGILEPKvkYmiQq5Y+MDS1xXC1ZJ2omrBFK9i0Wd6o46xnbCf/i0TBnD8mwpbjNDaPpgTVKGikdMR00SsGuWlnqTXX7crVsG0KqKL5QuLJR2s9yt9qt99cuhbPp6OjQZqBjoiLOCTuPKv3bFdmnaPPw6GEaqBoi/+9NNxbZ2fgM5NzpMnBVBsmo8vKy4bhUaLLFCQGHhlQLUiuC9UkbVve5ssjUlyZPYi+Hu/JELLHB5JrGVb0m/SqRXK3ABvg\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:35 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3EDFCDB35D8CB197DCC8E155D6C3CA1F~YAAQBmrcF3yJCImEAQAAGPfEvBFyMHcGJACqUdp4MLvYHwswQ87eCfBW8xNgn5K/iCsXiug5Oxy0ttJ4F5dI996X5qEUhPmHQuTeHxs9Z15c40tUb6ppVENyybpdwwzly316Zjxvj+s7mQKOCNSZp/mhNsR2puUH7V39nf5RLp4rDVNGKTmER5vGy95e8vVZodYgnZLJiLb1o2XlDhLXS72a4Jl4Dg33xnuro5x33oEOZ332yq2KLa2OD9coErbLCMPzMzrZ9cpx8VXSmq+i8Kz0fkvaRQzy4OWDMVFsCZWMRRUNToKU7Fp1DLXI~4272177~3683384; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:34 GMT; Max-Age\u003d14399; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 05:45:35 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-11-28 05:45:35
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2c654440-2106-442c-972b-01b364e58331
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer jT2dbP3JvaW8cBR4Njx1P0Yg119GvlUUTsP9FojcVBY.nyn-QtpdPXOJTmsUi7CevMLmpLs5IdEV0nsfcw5PTBTxgD5VcyTCCpDT2VBa8lNG_poK1c5hZXPeVZDrlUgGEw.M18xNjY5NjE0Mjk2XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:45:37 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKf6ab5505-534d-44ea-a1f3-55a6058a277a",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844aff37500d31",
  "date": "Mon, 28 Nov 2022 05:45:37 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:DCnuY3/02XdC7RL/75MLxjpwBy44c++gI7t7/DsCGCw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9A7FC561C4053A756123DB69F34AF552~-1~YAAQBmrcF5+JCImEAQAAsv7EvAiO46L/HsNxOIkCuqYamXOmXa/PLeVAMqdm36tm6CsQfSvDu9fb4JiyI4AxFTujZ95K4kZ0nj9Tb6Db86bY+uOIoa6cpaJ6hjcJU72msuFTuY9vjXHyooXc4s6bEwGmG3O4r9ej4riqgo8tiLqDTIDh8HustVB8g1+9GmPc2O++azyY9vvdqv5JcH6sKHYgWL+x6fzHU4pEi76rlQaSkplHauJDGQCsONv6dFxw3RjQWUpK18bO8cNP+BpEvJ4EmgWOp9SWY/4HlLGjKWL9mTu5ts0EOJQ2vLeNHD8jikeAJx4gg5Slm0rYszeu9bVN6dXM19GRlnsnDkiU0fe1ogIjNFgKnX8z1RaPB2/1JioZt2Q\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:45:37 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d15F2719EBEE765E5847A0D15C8F9F5D4~YAAQBmrcF6CJCImEAQAAsv7EvBHt59V6MpR7zI1+jiFXHHXA9awa8UAJaCrHCAfn9XErXxMm3vz1mUynb5uORAe1EfT15loV2wjNi3ACUHMAtAb4f141AwaY8nWqlT/V02x5gnRculXKMP/pJZvPOsAhYHkdulXGx1H7dy6YGLJB7bHr7OJ94pXTshxt9qLyZruxp+ukVv+2dI6oggKgnLwisFzGXKnhjHPEathenWZnOIeamctvtLhsfF9TPOj60KQnuPF+ERJjTNCETFpuN9KaXLrRLcACrY9zjeY/lTWL+h8kdSJZOkmswQ4W~4470069~3158579; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:45:35 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 05:45:37 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-28 05:50:30
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
R6rN4XEPrljbeX5
Test Results