Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-28 06:04:29 INFO
TEST-RUNNER
Test instance f6CpQWzGZW3ohvI created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code id_token token",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
FUm8YwQkUdbJk
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token
2022-11-28 06:04:29 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 06:04:29
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:04:29 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKfe291744-e6dd-41b2-853e-a6e0d838fc88",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f6d3760a151",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 06:04:29 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:fzVSFsE3YQnE/1RidsEh+1PmU+/p2IL+aS9wdKdaqRs\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d0007736252D3DF5A96D65553E7077215~-1~YAAQEmrcF2zzUoCEAQAA5ELWvAg/9xL6nlsXA9nItF0qJ4nSGJAvZSOvPjBh7SkRcOjWheAxc0whPkhIbtakelQos2jqX1RNgDx83mRCOOLItrpVJm3O/C1sXTml2JiX8MP/mGxdW1k/O/DBXqHs1QxulpBxb/5zrG/q/XcYeDpsIZGZu+L8oj7EI/FYdRiwOuaXbKi8F+QVhdh2pbOe/4HSKIUv+8UB8tRFhdztu46WWGU1RhYx+vGHo8usm1QD3axOCW44R29wYKVmrfQ5QGL6SSwWkLOtwFnQ/KtHLENrKyUqEV0N9hM5Dbs27/JQugn5bG/fLXajgDTJJ6FiZjEfV0v7BPY96Hi2dqNbrOXU4xhuVybgBrcXtnVMwdEVx8eevzI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:29 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d89B30003C75C0051897F4FF6AFF06A1C~YAAQEmrcF23zUoCEAQAA5ELWvBGFlKWOeLmsGk+oYiQkULRHTQ2O1+k6caM4HnhpMFZAAfzqa4aq/x6MSuR8CfZQcps2WQLZ8kCsF54JNKLkYIkNe8UJZ9/n3GqTWfw9dUj3qQWsvgI6b96cUtIu65aMPB2U+blb6BkIm7lv6PQw3/Qjdmzo5GXkYZ3tvCXJgZudV/E9krOgR5kgxZcSlJc3hKFypqfL1xDUpbRyR/ZJZQqoqOT2N/Bn5P8AaPwWPPCQxCpvbmpXrNpMp3VuVUCNrCXO0w0BGsFsz3wy0XNDbU+uTb8Qr9g7/61O~4342834~3553602; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:29 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d80",
    "origin; dur\u003d101"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["job_title","realmName","groupIds","family_name","uid","email","name","employee_id","mobile_number","department","upn","preferred_username","given_name","tenantId","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-28 06:04:29 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "job_title",
  "realmName",
  "groupIds",
  "family_name",
  "uid",
  "email",
  "name",
  "employee_id",
  "mobile_number",
  "department",
  "upn",
  "preferred_username",
  "given_name",
  "tenantId",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-28 06:04:29 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-28 06:04:29 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-28 06:04:29
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-28 06:04:29
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:04:29 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKd27b369d-989d-4b27-9994-1a853e7d4ee2",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f6d21baa2e5",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 06:04:29 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:GKJCKInSEKbjBVepgH5p6zyM4EMxaKLr6g3DvOpRRVA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d78AAAB02C68A9A64F4D8D7FD594FDA88~-1~YAAQEmrcF3LzUoCEAQAARUTWvAgnDda3Uy6J1C+w1GZtbwySiEC/bF0swB/yPSn3FL0TwQdCYhYKNUqPLqU5VG3c6GZRCZP+xi87g7GvvB4DRoYaABA1N1mmrjdx/cjKgHSfg7IOeJ6UijNw6Yo5ppdmmsaPG1o/RgB9qJAJSe/35ckvgCQx0OoSJkggENU9WPKqb9L2CQkye51yvdgAn4S61laWYVn2Gtf0k1Mo3SAanY0sPTz8BeECwCaQVUo3KXrTLO3e7ZzKOQNL+5nN9wpoqZQVHdQgkGUdnTLhc5SNXxWjMMBxVHfQhBsQcScjTjb1NOEDn5JjGaVCDnhpzAJEbFeFX5eqAXHC3rjg7bx3OrwpRuBNSVDUxjd869zx9UfcAIE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:29 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d7B75313F97CA5ECBC0F20A1843A63E16~YAAQEmrcF3PzUoCEAQAARUTWvBEs4OcPi0yDJiVOiJi+SU5zPrZnPsU2lG/Qk1GGDZs01JEdJ7T916EmD/3LKfXxNceSlYx3zfXjb6+IQEPpS2YF+bsvwK1QliYR5fNbdsLLRG94wwVztJ/Ef68I1VmF6zPKT56TAVPW83NDW4MiCoe7ECwsThiFZHT6sML4E8B6D9Xy6Oi32yAJzngTq5RfYhzL+O02CUYIwasPY7b6wGLy5sV4jZjqmNtc6v5a8UpWfPOudtS5wt8nps2nGXZcqpqJSUurGCLZpEzgX9oPmga2yCy7N/u+50n6~4342834~3553602; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:29 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d125",
    "origin; dur\u003d99"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 06:04:29
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 06:04:29 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 06:04:29 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 06:04:29 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-28 06:04:29 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-28 06:04:29 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 06:04:29 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-28 06:04:29
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 06:04:29
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 06:04:29 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "2i3McPghe8ToHutZSX4M9clW5m-Yzf4UGpOT8ueM17bExsS44jBp4qcbnZQxMlBJEQBIiZz6vXP76qJ9r2t1uaPuec3eyGAplVBGS_GmOPw8iXiME_-VWZjKniX8O6bgExkdUP1iOUH-aBvC1Nbyqo9odl2Y0nn6mBWLBc0JbiU",
      "kty": "RSA",
      "q": "0MhFkV_Qpi8Onb_xrOCCX_8uinZwE7h0o_G5BHZjEisaTMHqJ7QVYd6MxKt2xIc0aLOgnmFLuw4X45IYn3MMIvjf4UZPjO9sdIiHZ9S2qwWteo9gYmrqTDhI6qcy2LbjSI6tB2bfhg_JZxV8fCgqHY3gjIpgm5w0ih4ZQBdtuEE",
      "d": "DwqccPWUqvSfgwxXUMRxdC9D8IAYr7sB92zx_Exe7WMsTbIs1m8_Dk-W1N7Cnj0j0wi_TtLJJX78__tQqB2rOc1hCgK4XJ50qBxOai6zpfH49TEcj-keVERzFBDx2RcC02tpKcFFQAi0ri3ED4j035sCnDeygnXVBJ1Cn8jUyPZfGUzwxJ0l9119IEO_YCXMGsBUx46zNsLVBafgqV0fBYVvxxx0MuEGrP73m3WIDcmcymiks-l_EwYXXm2U-OCz61RH_96j4rpVSwSADZj9vB0FABbm9u_4Cyd7S2q91xp5vjdWLhAsu4YLcNLXRoyh7360hpj4Ie9wRqmIBONEAQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "urSFXABOLD9y2X944oEgSbinjHWf_ChBrsHZahWSpxTqD0b--aQ6OvlYoiQUPxXnAhS0N4vUJp1lh6QWR2GFRbvuozGIQbP960_9DCDagIW0TU_s2Vhtrq9Syyx1jGLStgA9Ldt-7ilgOG2nxL8k3zIMIcRq7sQjO-GIkwC2BOI",
      "dp": "w1P3UThEOduaeHv5bttj3PRJUXqdkeYjt3tiHDiDFmixmMZsQ0xWr60uAxC2TrYkBA19433f2Zcp9PFOlqsdNXr3OKNADaJR-DRrCvin-SKRS_3ZYtoRqqoo1BdrzzfiKhb08Ro4Qsy7aBdagVSC4oILYtT-yYic-mVnFmVvSOU",
      "alg": "RS256",
      "dq": "sIr40JG9xBh8eoYJHQ8HD5efSjQWV4adEtheg9h7s6xA4_EBSCtt_UELtW3r0wklFvf1dJd_SyACsUsjiQjmlVfvL_WdZOY7xlqAbRsgj4MQi1dbwDz5_BOIDOvvAfO8QulqhJzHm_wTaRhxGCd6XV1QKGcGg-7VOoly_pARFkE",
      "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
    }
  ]
}
2022-11-28 06:04:29 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 06:04:29
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 06:04:29
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI
2022-11-28 06:04:29
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 06:04:29
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 06:04:29
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
      }
    ]
  }
}
2022-11-28 06:04:29
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 06:04:29
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token token"
  ]
}
2022-11-28 06:04:29
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 06:04:29
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 06:04:29
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-28 06:04:29
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "787"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 06:04:32 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK748e0401-4e00-4a20-afd3-3bbcc2ede434",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f6d37609a61",
  "content-length": "1455",
  "date": "Mon, 28 Nov 2022 06:04:32 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Emh2XeZASTH8QRO2QCcPg+6GppLmRceFyINA1JeXz18\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9464E48EBF554897D9E359F81992198F~-1~YAAQEmrcF7DzUoCEAQAA0FDWvAibhHVclfxmi9qNqxOivISRz4jQWMPg2q3IFB/6Y39rL5moWKPc6qfKgIYZc1KYUzE31NbYsU0Bwmzd4KfOGn5/2qBKcaHfTfnoWmxCXYInYOTvwbowwmB2elMfwDbU58GDu+r0ClnbWD07SEKM3spJOotZ+XQBvS9rfc8D9xi+hDydTuu5VDHTYFImQXApfwtBN2O9K9YLiq5CF161D8+5UzDU8vSiw1TYMdjZl+9IUYd1G3a7w2mCVcHh8Mbh5i9Kw34zSr9n7yil8BfszN7lTf3zY2CZ2mH/PMXrvtkSRmLmwenQEdf3KwRPTcGTtOsuQeKdGOpuhtx17sbq/5/YkV/Iy//JckrOw7PgTIG7gwc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:32 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB8A8DABF076ACA6A914124ACB5A78E67~YAAQEmrcF7HzUoCEAQAA0FDWvBFyVsqLA2nsK7m3z/p+Hx2FdbrFWyvAINl5wWyGT3Cg4MORB/m9ekiN9tvFxAzJoHa3JV1+iStbYP8RKcy9gv2Pp+hGhZETJ4beO3aP61npLHPvTVv6RgSPn+Nb0tetd7A4xalH3snCVd9aDtQ0/l3qQ/fd4RWm3zcRj8hCiiMK4qJo+S47zDjKulao7V/HLsa6EMCebx3HKXRwdPfP+Jlr2xbwDtc1z0iBkphqFAGAm6v5FzAQgK3wx9bWd4oM/sEENdmIrMuKy8TG1l6DbTNJrshAIhXiON7A~4342834~3553602; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:29 GMT; Max-Age\u003d14397; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d84",
    "origin; dur\u003d2970"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"95fc743f-0686-4dd9-aa89-44be83f60057","client_id_issued_at":"2022-11-28T06:04:30Z","client_name":"Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI","client_secret":"HEDNBxKaT3","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"nj_VBoyOGTTKl_P1KPtXszkYZj7yG3_X5hcpzbTCKIE.IbNRvpooiZ-m9nLCgduou1O1gokh8dMZNDSNH1Yd8KeE7qLJ11bFnmbfAgH4SJrIl_6Z01kXb6AGwOn9ET10hA.M18xNjY5NjE1NDcyXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/95fc743f-0686-4dd9-aa89-44be83f60057","response_types":["code token id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 06:04:32
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK748e0401-4e00-4a20-afd3-3bbcc2ede434",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f6d37609a61",
  "content-length": "1455",
  "date": "Mon, 28 Nov 2022 06:04:32 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Emh2XeZASTH8QRO2QCcPg+6GppLmRceFyINA1JeXz18\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9464E48EBF554897D9E359F81992198F~-1~YAAQEmrcF7DzUoCEAQAA0FDWvAibhHVclfxmi9qNqxOivISRz4jQWMPg2q3IFB/6Y39rL5moWKPc6qfKgIYZc1KYUzE31NbYsU0Bwmzd4KfOGn5/2qBKcaHfTfnoWmxCXYInYOTvwbowwmB2elMfwDbU58GDu+r0ClnbWD07SEKM3spJOotZ+XQBvS9rfc8D9xi+hDydTuu5VDHTYFImQXApfwtBN2O9K9YLiq5CF161D8+5UzDU8vSiw1TYMdjZl+9IUYd1G3a7w2mCVcHh8Mbh5i9Kw34zSr9n7yil8BfszN7lTf3zY2CZ2mH/PMXrvtkSRmLmwenQEdf3KwRPTcGTtOsuQeKdGOpuhtx17sbq/5/YkV/Iy//JckrOw7PgTIG7gwc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:32 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB8A8DABF076ACA6A914124ACB5A78E67~YAAQEmrcF7HzUoCEAQAA0FDWvBFyVsqLA2nsK7m3z/p+Hx2FdbrFWyvAINl5wWyGT3Cg4MORB/m9ekiN9tvFxAzJoHa3JV1+iStbYP8RKcy9gv2Pp+hGhZETJ4beO3aP61npLHPvTVv6RgSPn+Nb0tetd7A4xalH3snCVd9aDtQ0/l3qQ/fd4RWm3zcRj8hCiiMK4qJo+S47zDjKulao7V/HLsa6EMCebx3HKXRwdPfP+Jlr2xbwDtc1z0iBkphqFAGAm6v5FzAQgK3wx9bWd4oM/sEENdmIrMuKy8TG1l6DbTNJrshAIhXiON7A~4342834~3553602; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:29 GMT; Max-Age\u003d14397; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d84",
    "origin; dur\u003d2970"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"95fc743f-0686-4dd9-aa89-44be83f60057","client_id_issued_at":"2022-11-28T06:04:30Z","client_name":"Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI","client_secret":"HEDNBxKaT3","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"nj_VBoyOGTTKl_P1KPtXszkYZj7yG3_X5hcpzbTCKIE.IbNRvpooiZ-m9nLCgduou1O1gokh8dMZNDSNH1Yd8KeE7qLJ11bFnmbfAgH4SJrIl_6Z01kXb6AGwOn9ET10hA.M18xNjY5NjE1NDcyXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/95fc743f-0686-4dd9-aa89-44be83f60057","response_types":["code token id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "client_id_issued_at": "2022-11-28T06:04:30Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One f6CpQWzGZW3ohvI",
  "client_secret": "HEDNBxKaT3",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "se_lLb-RH0wVDmkY0ceK143GsIWB7svE9uSGP-C6Bx7yLWZVDa6ONkeVvVjiGjxaNXHIh2XYFo5wtAvb7i2f3CtiHttTs2wwXHaY-cRhzxfLGQx3FSYuFq23kUiLdiagjSJoHg5fERhuezcAD2N2Ix0fM60iS230SI_EtyYaVHA0GHOy72qUwsWXyFpJipr903JhjUnjQl2qxACM9Td2qnD5HpWDfB7atCC9q6djIAYBMI66x6o8db9CrVR6a25OSgIUSwPPLppKauh184LvtAo6m_lbg8WncJG07UFAcV7Yc-aky1H1F96ubIAy7qhbQD_FOwkVIRHYu8QBD1CPZQ",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "nj_VBoyOGTTKl_P1KPtXszkYZj7yG3_X5hcpzbTCKIE.IbNRvpooiZ-m9nLCgduou1O1gokh8dMZNDSNH1Yd8KeE7qLJ11bFnmbfAgH4SJrIl_6Z01kXb6AGwOn9ET10hA.M18xNjY5NjE1NDcyXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/95fc743f-0686-4dd9-aa89-44be83f60057",
  "response_types": [
    "code token id_token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 06:04:32 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 06:04:32 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 06:04:32 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 06:04:32 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
95fc743f-0686-4dd9-aa89-44be83f60057
2022-11-28 06:04:32 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/95fc743f-0686-4dd9-aa89-44be83f60057
registration_access_token
nj_VBoyOGTTKl_P1KPtXszkYZj7yG3_X5hcpzbTCKIE.IbNRvpooiZ-m9nLCgduou1O1gokh8dMZNDSNH1Yd8KeE7qLJ11bFnmbfAgH4SJrIl_6Z01kXb6AGwOn9ET10hA.M18xNjY5NjE1NDcyXzE4
2022-11-28 06:04:32
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 06:04:32
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 06:04:32 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 06:04:32
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 06:04:32
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 06:04:32 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "2bcF1f5wJ4w5iYuCCDePbX5qmTY6ctEzR7GZNroAWmlFgx390yEkdXAT49auVPqGFCaqPO79P5WETXVLqDNA8XzXPwGZUPu4AGMDBhbJY03OpRgxB-sJc4JvYUvCflITaW240rU17LZAra7oiUqbESmFDzmIbha9kRnmykTsyC0",
      "kty": "RSA",
      "q": "lwZZ6QZf7hWLiOe_5XPbYk0xgvALZjs9IDnRqWo-wvXKcWU_XGW_Ip_HrhGBgCqIZC3XrpJE0bkIZf3CFyw5rQ1i2Wuwjswhr2GEVwR7QTPty-q70YgaYr3cKLbD2kHGjueo--xw0nEvsU02Bbw-dQmej3vW1jWSmhgl3IMgKz0",
      "d": "AsHmw1HyMkUIxoh4Aa-YHlawhQXOKnEMdo9spbfBOk86g6v58K8taD7U6BhPuH0CQegvJsb3zb1A2KzUHOFvDo2pgVtDRG9DmwXGc97QfBfiPAYIzflVs13ffs7lRBGRGDIfsNMKupP_JthCKgXM6MpPboMZFx3Z5vLaimgDwHX-SUVh0oxzr5T38u0uH7yep1BVdxzj7nHSBuOYqX5_qfX0IUTf5gE7pK1mnXM2d_WA_3dW7yJoLO9FWq82hkMSC9Bo4OkS5nmpYRSaBsU4b1HqHoL14QDPX_Wwanzny0FB6I8d02NsSPQ9665Ii2fsL7NIIoczwhfte8nZhl9psQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "thr-RMmB7lbtADik_0zLAXcFWlmrodhlG2-4085g79A-y8y7Fa0Qax_ZwS2Qgedl5eWv2x_DJymo8bfdLluN_myX-YsN0T8tVLUg2mqRj9MmCzSTwIkB4FY2teMSsoyRxDonZcP2tawK3pI6_5BbsKy3g6LFzII6ocYjXNZKBiU",
      "dp": "0s4dr3vjWtey6pSTfqNVlF6gluNkKsKXlabIRK5LIz_lV7TVjfX8WF4CVE0NlijRZHefxMpfmo6KgXm-nQmrq2gG_vHsYvaozm8QgXfU3ft7yG2pJBKXnym_8QSrOSb9tsrP9-4QXbiG3eWLMUx042RBe2Fo0bfhK7tZtaaRYq0",
      "alg": "RS256",
      "dq": "cexzlGmfobyU5nBTfGXaHxw19hzXrIWRRab39oFT2MOKs-F5W1zRQvAes7s24hSzkEZYhbKGwWF_6VfzuoE8_MK1R2eJ5x4rZt3785xI0dW3UvS-O4Acz1GDKx87PIATpScxfOBN9yE0pd2lm8v1nVnlRz1WwX3mGeGPZflwIc0",
      "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
    }
  ]
}
2022-11-28 06:04:32 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 06:04:32
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 06:04:32
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI
2022-11-28 06:04:32
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 06:04:32
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 06:04:32
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
      }
    ]
  }
}
2022-11-28 06:04:32
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 06:04:32
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token token"
  ]
}
2022-11-28 06:04:32
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 06:04:32
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 06:04:32
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-28 06:04:32
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "787"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 06:04:34 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKf5d2d2ea-a4ce-4d6d-9adf-f7a8b163f1b3",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f710835219d",
  "content-length": "1455",
  "date": "Mon, 28 Nov 2022 06:04:34 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:zoDkJA/v44XYWtNosiP+402KnIbirSVXtfZEtk/C9Ko\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d61B4BF2161DBB6B8982A3ED30D70E701~-1~YAAQEmrcF8HzUoCEAQAAXFbWvAj9Y8m9xjYG/OXKZRaQQBMIHam+bLQxDhEc6zVt6ERYutSMsVZFsOLS3tK/zTSrjJ1iw58hkI6fFTbdveOmeItcZ4YkOUI/k5hTrr1Smgz/ID/SmSEbvfYV3pF/1AiL/VTe/lVKtqpi0kGj3YXnuCAyy9LKh8REPnVdA9gC5MAFgt1vSp4mwChkE0fJG1w6T+YeTetzh0A/hRsdNrDGKzLWUWmZPxkAo+/2MnqGzgF3PdP22aU2wET9Yg9YHAMjzVzzrbya6AcnXDKbmxHfILU77u9yCgb4Kt3xr8NRlVBWVva/bFkKkxoVWcMf6QrrSNpcML4rn4Gz5A1VFMh6UK8ymKIGsjPd8gVonxT505xzsVI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:34 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3D2144DD89D34508B2198CB6263E8EC0~YAAQEmrcF8LzUoCEAQAAXFbWvBGBhqEBf4l3JjpBn7XpasVL6u/3XJKUptyhLQ0eE4BOx+rhaMn+lMLsK7HfVZLErM97A4C14kZkAqGvNTP2/nsikUxxP4hosEdDTFu0NeTKMVyQAMy9l0wiqBX9p4aHKeVh8W8je+gqcJZVXWEvVJbWU9MdIyyqn7LRfFevC8IsGlwcF1EI4LrS3VE6oodps4nJEJz94r34m5f7AGdXjMbOTqSWOjpe18A7XNFd+/VulcmF/pYlra/QFnCn9TFOLryxNXWiyTI33QSML1BS0k12YwazzgNaN9mS~3551288~3225909; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:33 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d85",
    "origin; dur\u003d1125"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"5a1f7223-02dd-4e06-95d5-0d8edaf7ea67","client_id_issued_at":"2022-11-28T06:04:33Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI","client_secret":"QLYguCbJ4P","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"awaRMhACOaMsGS7bx9sr_wuoHw5Fp5XX2J7KgDvtY3w.5mWvaw48a4XQAA-6f8ye-sdYz0khERLGP50o5BdAttneueuePLwdjQU8CHWLB1sLLoMcr0ZKZ3heWhgg7QzRbA.M18xNjY5NjE1NDc0XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a1f7223-02dd-4e06-95d5-0d8edaf7ea67","response_types":["code token id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 06:04:34
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKf5d2d2ea-a4ce-4d6d-9adf-f7a8b163f1b3",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f710835219d",
  "content-length": "1455",
  "date": "Mon, 28 Nov 2022 06:04:34 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:zoDkJA/v44XYWtNosiP+402KnIbirSVXtfZEtk/C9Ko\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d61B4BF2161DBB6B8982A3ED30D70E701~-1~YAAQEmrcF8HzUoCEAQAAXFbWvAj9Y8m9xjYG/OXKZRaQQBMIHam+bLQxDhEc6zVt6ERYutSMsVZFsOLS3tK/zTSrjJ1iw58hkI6fFTbdveOmeItcZ4YkOUI/k5hTrr1Smgz/ID/SmSEbvfYV3pF/1AiL/VTe/lVKtqpi0kGj3YXnuCAyy9LKh8REPnVdA9gC5MAFgt1vSp4mwChkE0fJG1w6T+YeTetzh0A/hRsdNrDGKzLWUWmZPxkAo+/2MnqGzgF3PdP22aU2wET9Yg9YHAMjzVzzrbya6AcnXDKbmxHfILU77u9yCgb4Kt3xr8NRlVBWVva/bFkKkxoVWcMf6QrrSNpcML4rn4Gz5A1VFMh6UK8ymKIGsjPd8gVonxT505xzsVI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:34 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3D2144DD89D34508B2198CB6263E8EC0~YAAQEmrcF8LzUoCEAQAAXFbWvBGBhqEBf4l3JjpBn7XpasVL6u/3XJKUptyhLQ0eE4BOx+rhaMn+lMLsK7HfVZLErM97A4C14kZkAqGvNTP2/nsikUxxP4hosEdDTFu0NeTKMVyQAMy9l0wiqBX9p4aHKeVh8W8je+gqcJZVXWEvVJbWU9MdIyyqn7LRfFevC8IsGlwcF1EI4LrS3VE6oodps4nJEJz94r34m5f7AGdXjMbOTqSWOjpe18A7XNFd+/VulcmF/pYlra/QFnCn9TFOLryxNXWiyTI33QSML1BS0k12YwazzgNaN9mS~3551288~3225909; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:33 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d85",
    "origin; dur\u003d1125"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"5a1f7223-02dd-4e06-95d5-0d8edaf7ea67","client_id_issued_at":"2022-11-28T06:04:33Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI","client_secret":"QLYguCbJ4P","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"awaRMhACOaMsGS7bx9sr_wuoHw5Fp5XX2J7KgDvtY3w.5mWvaw48a4XQAA-6f8ye-sdYz0khERLGP50o5BdAttneueuePLwdjQU8CHWLB1sLLoMcr0ZKZ3heWhgg7QzRbA.M18xNjY5NjE1NDc0XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a1f7223-02dd-4e06-95d5-0d8edaf7ea67","response_types":["code token id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "client_id_issued_at": "2022-11-28T06:04:33Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two f6CpQWzGZW3ohvI",
  "client_secret": "QLYguCbJ4P",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "gHBbMiofsrbdiIFH5boYu42Hf5qwiK54YMaK2gvREbtfr6skU-YuHBA4koHgfJWySwrtbzEMrtygdu845Yj-uVpwQ9L9lGJCR_BBzOveUqvRZ5O1xFi7K2hpp0fh-N-knoQSuyzcFlRf24DSBLlkXEmMETMODIsxdAm7dABkhYI2kI36UjC9welgTftXjEHxzrNb6ZEun_QKKfBX4SMfo2erl54xsDcLN-TnB_8OTresXJMYiDvwEpaUJXciEytYprGUNZqf1cfUSs1u0rdOi0LMbTJso3s9ji4hyUUUAzZt1pG6tYdkbk_2K0fm2c_Oi9UrruIjmfKSIEd6PqtBuQ",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "awaRMhACOaMsGS7bx9sr_wuoHw5Fp5XX2J7KgDvtY3w.5mWvaw48a4XQAA-6f8ye-sdYz0khERLGP50o5BdAttneueuePLwdjQU8CHWLB1sLLoMcr0ZKZ3heWhgg7QzRbA.M18xNjY5NjE1NDc0XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "response_types": [
    "code token id_token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 06:04:34 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 06:04:34 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 06:04:34 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 06:04:34 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
2022-11-28 06:04:34 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
registration_access_token
awaRMhACOaMsGS7bx9sr_wuoHw5Fp5XX2J7KgDvtY3w.5mWvaw48a4XQAA-6f8ye-sdYz0khERLGP50o5BdAttneueuePLwdjQU8CHWLB1sLLoMcr0ZKZ3heWhgg7QzRbA.M18xNjY5NjE1NDc0XzE4
2022-11-28 06:04:34
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 06:04:34
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 06:04:34 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 06:04:34 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-28 06:04:34
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-11-28 06:04:34 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
95fc743f-0686-4dd9-aa89-44be83f60057
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 06:04:34
CreateRandomStateValue
Created state value
requested_state_length
10
state
au8Cp7VBCk
2022-11-28 06:04:34 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
95fc743f-0686-4dd9-aa89-44be83f60057
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
au8Cp7VBCk
2022-11-28 06:04:34
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
IroJxtRIfV
2022-11-28 06:04:34 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
95fc743f-0686-4dd9-aa89-44be83f60057
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
au8Cp7VBCk
nonce
IroJxtRIfV
2022-11-28 06:04:34 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
95fc743f-0686-4dd9-aa89-44be83f60057
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
au8Cp7VBCk
nonce
IroJxtRIfV
response_type
code id_token token
2022-11-28 06:04:34 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 06:04:34 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "au8Cp7VBCk",
  "nonce": "IroJxtRIfV",
  "response_type": "code id_token token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=95fc743f-0686-4dd9-aa89-44be83f60057&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=au8Cp7VBCk&nonce=IroJxtRIfV&response_type=code%20id_token%20token
2022-11-28 06:04:34 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=95fc743f-0686-4dd9-aa89-44be83f60057&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=au8Cp7VBCk&nonce=IroJxtRIfV&response_type=code%20id_token%20token
2022-11-28 06:04:55 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 06:04:55 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/erluUP0a5fdwOzbB0xy8",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/erluUP0a5fdwOzbB0xy8"
}
2022-11-28 06:04:55 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance f6CpQWzGZW3ohvI
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/erluUP0a5fdwOzbB0xy8, returnUrl=/log-detail.html?log=f6CpQWzGZW3ohvI}]
outgoing_path
callback
2022-11-28 06:04:55 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/erluUP0a5fdwOzbB0xy8
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "1537"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/erluUP0a5fdwOzbB0xy8
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=ft5mE9Z1kGZB-hL4oR_c0VgyAmJX65_VmIJfWYWuaWI.CxigSwbPW_QYfaQ3I5GSF4wJn6qjciN7Ga72CAgr89aOeH6ikvl6P9T_5xPHCbWbXV39qZIj-A06ZFI4dM2Mzw.M18xNjY5NjE1NDk0XzE4&code=tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg&expires_in=7200&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid&state=au8Cp7VBCk&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 06:04:55 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance f6CpQWzGZW3ohvI
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/erluUP0a5fdwOzbB0xy8
2022-11-28 06:04:55
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "ft5mE9Z1kGZB-hL4oR_c0VgyAmJX65_VmIJfWYWuaWI.CxigSwbPW_QYfaQ3I5GSF4wJn6qjciN7Ga72CAgr89aOeH6ikvl6P9T_5xPHCbWbXV39qZIj-A06ZFI4dM2Mzw.M18xNjY5NjE1NDk0XzE4"
  },
  {
    "name": "code",
    "value": "tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg"
  },
  {
    "name": "expires_in",
    "value": "7200"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid"
  },
  {
    "name": "state",
    "value": "au8Cp7VBCk"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-28 06:04:55 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
ft5mE9Z1kGZB-hL4oR_c0VgyAmJX65_VmIJfWYWuaWI.CxigSwbPW_QYfaQ3I5GSF4wJn6qjciN7Ga72CAgr89aOeH6ikvl6P9T_5xPHCbWbXV39qZIj-A06ZFI4dM2Mzw.M18xNjY5NjE1NDk0XzE4
code
tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid
state
au8Cp7VBCk
token_type
bearer
2022-11-28 06:04:55 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "ft5mE9Z1kGZB-hL4oR_c0VgyAmJX65_VmIJfWYWuaWI.CxigSwbPW_QYfaQ3I5GSF4wJn6qjciN7Ga72CAgr89aOeH6ikvl6P9T_5xPHCbWbXV39qZIj-A06ZFI4dM2Mzw.M18xNjY5NjE1NDk0XzE4",
  "code": "tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg",
  "expires_in": "7200",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid",
  "state": "au8Cp7VBCk",
  "token_type": "bearer"
}
post_body
Verify authorization endpoint response
2022-11-28 06:04:55 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 06:04:55 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 06:04:55 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 06:04:55 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 06:04:55 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 06:04:55 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
au8Cp7VBCk
2022-11-28 06:04:55 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg
2022-11-28 06:04:55 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
ft5mE9Z1kGZB-hL4oR_c0VgyAmJX65_VmIJfWYWuaWI.CxigSwbPW_QYfaQ3I5GSF4wJn6qjciN7Ga72CAgr89aOeH6ikvl6P9T_5xPHCbWbXV39qZIj-A06ZFI4dM2Mzw.M18xNjY5NjE1NDk0XzE4
type
bearer
2022-11-28 06:04:55 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "YbMJyJOraz3oUIFN1lmcJw",
  "sub": "6160017N67",
  "rat": 1669615491,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "IroJxtRIfV",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "c_hash": "1hnJMJOxA7zqlE5NtysUHA",
  "s_hash": "xZwYkS9eW-Bc6UdncALh-Q",
  "auth_time": 1669615213,
  "name": "ISV Dev",
  "exp": 1669622694,
  "iat": 1669615494,
  "jti": "7264955d-abc4-435f-afee-4eca9da2bab0"
}
2022-11-28 06:04:55 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 06:04:55
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 06:04:55
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 06:04:55
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 06:04:55
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 06:04:55
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 06:04:55 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 06:04:55 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
IroJxtRIfV
2022-11-28 06:04:55 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 06:04:55 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw
2022-11-28 06:04:55 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZYk1KeUpPcmF6M29VSUZOMWxtY0p3IiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6IjFobkpNSk94QTd6cWxFNU50eXNVSEEiLCJleHAiOjE2Njk2MjI2OTQsImlhdCI6MTY2OTYxNTQ5NCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiNzI2NDk1NWQtYWJjNC00MzVmLWFmZWUtNGVjYTlkYTJiYWIwIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Iklyb0p4dFJJZlYiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTQ5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoieFp3WWtTOWVXLUJjNlVkbmNBTGgtUSIsInN1YiI6IjYxNjAwMTdONjcifQ.oozvkpEHE2js5QubnBQIdkmjhipt801rGWQjJboY3I98M7OW4OvCTT8v5_NbbEeZrf0jTMddXKs1WbmBjep_DmR2KQ_VMw67kSRx-hamtS3ItDMY1ykSz8lk4_U8haiVJ6LCpFe7ogcF6D7L7PKEfmGvk58ywbnR8UeE10cwo0T86dFfsVJ-U7zC4xIlN52nE0YI65WlheDSNDQsbg6sLgX1bLBpnSYof1lB1ZC9RU1RwYS8zeXdxofccv_SaWYV4dWrQ55N9h6EDeoe2Zc4RTKLCSO9Pa1rAIkXQlIlb4N3DXF7YjGTnBwzsZ18crS3szm3a295MBnKzzi7Qxiypw
2022-11-28 06:04:55 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 06:04:55
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 06:04:55 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Userinfo endpoint tests
2022-11-28 06:04:55
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer ft5mE9Z1kGZB-hL4oR_c0VgyAmJX65_VmIJfWYWuaWI.CxigSwbPW_QYfaQ3I5GSF4wJn6qjciN7Ga72CAgr89aOeH6ikvl6P9T_5xPHCbWbXV39qZIj-A06ZFI4dM2Mzw.M18xNjY5NjE1NDk0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:04:55 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK0ed497ae-1c0a-4c5b-a0fd-465c4f573ce7",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f8721badcc5",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:04:55 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:20mEKCeXb2M/oVIihGsnQXcPA3PZXbR5oyvCxhWWb6A\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dDD665F9BFAC5B5B06D3D91EE60D94FF6~-1~YAAQJHYGFw/f/ISEAQAA3KrWvAhbVM2DQ/1xCBTaOV62Vdct/mLgi6r4OdGMRE4wCPETkFMmlG2xPQYlkhWoKPdXTOUCbMeTyurMqClNCm+l70BCN7fWRHjFQ1suxd/kzyaq+Plrw4bnjGd6kVfNYreHss+b9y0UMuFUr+XbhYDjDM2176kiD1g0vMGBGkdSOnZNBQ0/TDvAYFrYpTWTQAqTRMeW6PSfUpar5C3D7acTt4eDI76ERpU9OzyftIyNDJLmQFA0kzQxtixpqtQHy7PiWgIn1r4Eol/62ymPN7eMtbVCudin0jAyRwLzQrNBmxgrE7dGKrX4Yw5Tf+D49nDMfAu0KB5dBhwVQwE1lXQxp82QJARQiNGekslkW4pjaseI2Aw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:55 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d8438F30F30CFD73EBD0254EC37BBF5B7~YAAQJHYGFxDf/ISEAQAA3KrWvBE/FwCgz4PGkWIaINK4gqK2F50EKm98pYP1NuVDPTfU/nmBqMkfa9lDe24rcp83IVToJm7UXGoQ5rFl7Mi2JdFSBYGYRr92Wsp7SX93JtItF3DnttNBSv/CqTU8LdvBMJBWQNt+QyusdLUCf3vVTB4FYN02wjioEmFEb1hy/V3Yo8D9oJd3vazUtDWMTy4xPZrXboUQGuH/IOYrtysBV3CRTYAZw6sFwMXhAlHP7P3jD0CbTunjBMJA7V9XEip2gmOAMh1MWaLTQ9O1WsAAc6ZV6+iQRm8KsEBA~3159097~3683398; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:55 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d93",
    "origin; dur\u003d114"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["95fc743f-0686-4dd9-aa89-44be83f60057"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615491,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:04:55 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK0ed497ae-1c0a-4c5b-a0fd-465c4f573ce7",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f8721badcc5",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:04:55 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:20mEKCeXb2M/oVIihGsnQXcPA3PZXbR5oyvCxhWWb6A\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dDD665F9BFAC5B5B06D3D91EE60D94FF6~-1~YAAQJHYGFw/f/ISEAQAA3KrWvAhbVM2DQ/1xCBTaOV62Vdct/mLgi6r4OdGMRE4wCPETkFMmlG2xPQYlkhWoKPdXTOUCbMeTyurMqClNCm+l70BCN7fWRHjFQ1suxd/kzyaq+Plrw4bnjGd6kVfNYreHss+b9y0UMuFUr+XbhYDjDM2176kiD1g0vMGBGkdSOnZNBQ0/TDvAYFrYpTWTQAqTRMeW6PSfUpar5C3D7acTt4eDI76ERpU9OzyftIyNDJLmQFA0kzQxtixpqtQHy7PiWgIn1r4Eol/62ymPN7eMtbVCudin0jAyRwLzQrNBmxgrE7dGKrX4Yw5Tf+D49nDMfAu0KB5dBhwVQwE1lXQxp82QJARQiNGekslkW4pjaseI2Aw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:55 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d8438F30F30CFD73EBD0254EC37BBF5B7~YAAQJHYGFxDf/ISEAQAA3KrWvBE/FwCgz4PGkWIaINK4gqK2F50EKm98pYP1NuVDPTfU/nmBqMkfa9lDe24rcp83IVToJm7UXGoQ5rFl7Mi2JdFSBYGYRr92Wsp7SX93JtItF3DnttNBSv/CqTU8LdvBMJBWQNt+QyusdLUCf3vVTB4FYN02wjioEmFEb1hy/V3Yo8D9oJd3vazUtDWMTy4xPZrXboUQGuH/IOYrtysBV3CRTYAZw6sFwMXhAlHP7P3jD0CbTunjBMJA7V9XEip2gmOAMh1MWaLTQ9O1WsAAc6ZV6+iQRm8KsEBA~3159097~3683398; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:55 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d93",
    "origin; dur\u003d114"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["95fc743f-0686-4dd9-aa89-44be83f60057"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615491,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:04:55 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 06:04:55 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 06:04:55 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
95fc743f-0686-4dd9-aa89-44be83f60057
sub
95fc743f-0686-4dd9-aa89-44be83f60057
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
cJTBVkZ1EZ7mxV4Cu8bg
iat
1669615495
exp
1669615555
2022-11-28 06:04:55 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTU1LCJpYXQiOjE2Njk2MTU0OTUsImp0aSI6ImNKVEJWa1oxRVo3bXhWNEN1OGJnIn0.AbxTS44mI2gMetsY5tnfrdcsmhGjlzzHy8_RBGndJ0iyzuLgjLVTCMEhFoMo5moCrVfTTbiNpKKoyOxLiM3Vr86aD8yGmytg_B4--Fn0gyLU8SNR3hgo2nwxx02NHgJ9vfKrO_cCOCKxmkNF87FQvjYJdvOKiceZgZ7DVcphIx7aIOPHospNrOXOeSrI3U-CBayPgAPP7ix5ZvmsZJblTQLVNLsAWuLKvzv_69hr45TivS3KW9D1vNpLTGefS9rdC96aj0vtnvtDoGSLUHnGhToyuT27iMwQGLqtf461u7Avk0OWsFfDAJKMM0Pf4FIv4rsNV4JcXHSkm1HknNIYnA
2022-11-28 06:04:55
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTU1LCJpYXQiOjE2Njk2MTU0OTUsImp0aSI6ImNKVEJWa1oxRVo3bXhWNEN1OGJnIn0.AbxTS44mI2gMetsY5tnfrdcsmhGjlzzHy8_RBGndJ0iyzuLgjLVTCMEhFoMo5moCrVfTTbiNpKKoyOxLiM3Vr86aD8yGmytg_B4--Fn0gyLU8SNR3hgo2nwxx02NHgJ9vfKrO_cCOCKxmkNF87FQvjYJdvOKiceZgZ7DVcphIx7aIOPHospNrOXOeSrI3U-CBayPgAPP7ix5ZvmsZJblTQLVNLsAWuLKvzv_69hr45TivS3KW9D1vNpLTGefS9rdC96aj0vtnvtDoGSLUHnGhToyuT27iMwQGLqtf461u7Avk0OWsFfDAJKMM0Pf4FIv4rsNV4JcXHSkm1HknNIYnA
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 06:04:55
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=tp3iPjdoqggVHR08C2BREAnsYlyBLaQ5sRCOqGwn0N4.29tpafUuls7sMGOpykBd7EAk_CfdfVCDfrwpNKR3yb05112JGnMN18ONVIkmiKS7yf1_cy3IzrPb81Rb1Sk5cg&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTU1LCJpYXQiOjE2Njk2MTU0OTUsImp0aSI6ImNKVEJWa1oxRVo3bXhWNEN1OGJnIn0.AbxTS44mI2gMetsY5tnfrdcsmhGjlzzHy8_RBGndJ0iyzuLgjLVTCMEhFoMo5moCrVfTTbiNpKKoyOxLiM3Vr86aD8yGmytg_B4--Fn0gyLU8SNR3hgo2nwxx02NHgJ9vfKrO_cCOCKxmkNF87FQvjYJdvOKiceZgZ7DVcphIx7aIOPHospNrOXOeSrI3U-CBayPgAPP7ix5ZvmsZJblTQLVNLsAWuLKvzv_69hr45TivS3KW9D1vNpLTGefS9rdC96aj0vtnvtDoGSLUHnGhToyuT27iMwQGLqtf461u7Avk0OWsFfDAJKMM0Pf4FIv4rsNV4JcXHSkm1HknNIYnA&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 06:04:56 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK6be8423b-b4ac-499b-9a25-342fdf3cb0fd",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f880835306d",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 06:04:56 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:S36FzIzd8pFS71+pAYYDOM2miYxMagv5R63U5Ei3gh8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d524E0EB468C654467159E6E07BD60748~-1~YAAQJHYGFyzf/ISEAQAA4azWvAg9S7BYynYqEvf5WYx7FCbG5TdvW57hXqv3qVQEwa3EaFeEe1plAsLF4kURXJNoSMbZPvC42fIEl2mhBDkd2mpaTWUvYBN1KeTm3hpN0KxtGRmAEd/bzICzTJUPSQwERJjamvQv58s4hJ834K0NXtyBRbtDUbH5rhAf8EzM6qs+wN6XF8qkBB7C8wnCyF1fx/akl3wqgYGjcO9WWxhV8tQeTiTaHlAdgOBwSJKO2adROSEWub97k0JRtWRGwmKnEQQrpZj+lo3YsAXlh7WUZrYnqYdEUNGbEWoGHW7HBoSZAlmxefBIXs7C5t000Fa2oblL9kUdOkZLgNEb5f/8QiNObXLkcsYtcf7fwMzB+dhYfb4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:56 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB9A1BEBF9623A647B92C596CE7C773FE~YAAQJHYGFy3f/ISEAQAA4azWvBGq6qHvH7OUh9w06uPqxs4T59/DzliHwx6NK4OAZ1sOXz7V7K+pUI5aqHG6glsdLNPIQATF0SGSwfUsSzQ4vTytDqGZWpzmSSpPv6T2bR1xgwhNyrRDVwzrHhwu6tV9F/vJGS3TQdVqLWo6B+NZaCbWE00KCBnLZgwhzY7q1wKSn3YU3jnE0ZgOoA4BXLmge2VZjKB1HqFo4jyDytt1ng7+dHrvz6/8QKIQaFANYy9ANypxrE3Bo8Bt90XMM579y/YqCwlEjx0r6gt8eCt/BQkelQf7NbiYtq69~3159097~3683398; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:55 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d224",
    "origin; dur\u003d222"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"7x5Dq0kIiremVTWn9hkp-_FU4GPj4mrZvWnFiyDQsyY._8JIhHtfJBJuaeG2iIHdnLYue3oVaeVBR3r6UXyouc8YvvqqzKScUWdfRfBS2t-gYi80BywSqhI4uaKareny6g.M18xNjY5NjE1NDk2XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJvYVp2NklNaEw3cEZEQUtFR1gwZS1BIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NiwiaWF0IjoxNjY5NjE1NDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1ZWNmMjcxZi1kMWVjLTQ2ODMtOTc5OS04Yzg1YTRmZjA4NzUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXJvSnh0UklmViIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibnA2dWs3Q2ltUFpPMWc2a0ZnajZ4ZyIsInNfaGFzaCI6Inhad1lrUzllVy1CYzZVZG5jQUxoLVEiLCJzdWIiOiI2MTYwMDE3TjY3In0.ZgsZFj5k4Bni2Qk9mtuJ42mfI7Yy_vXDDbiEQyxvb1IMltyAI3fF4KkLh4pAVoKTBlx_drVQmDFtk_I24PZm5_L4dZCSjjX2-w6ZWr5zTuGjRDyTu3H2ro6FJdTw3gZKvm_zJXlNoGTGLZF9k-7aTx2FMRAw_qDTS5lPL4hEwlj5dptv1phzBNZCTY34OeyphLjEEvqZVDGSdbDsKGVoXt6bBkOri29j73O8o2dsjSx-qt5SpplgQLkQz_kjbE4-36xOMbthhhoKtp--pJTcjkQEPLBNEHaIipkIFaZGLxJgPBQKQJiQD_EmI9Kxx5v6onjOCLwT1l145EErx7ZoOQ","refresh_token":"hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 06:04:56 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
7x5Dq0kIiremVTWn9hkp-_FU4GPj4mrZvWnFiyDQsyY._8JIhHtfJBJuaeG2iIHdnLYue3oVaeVBR3r6UXyouc8YvvqqzKScUWdfRfBS2t-gYi80BywSqhI4uaKareny6g.M18xNjY5NjE1NDk2XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJvYVp2NklNaEw3cEZEQUtFR1gwZS1BIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NiwiaWF0IjoxNjY5NjE1NDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1ZWNmMjcxZi1kMWVjLTQ2ODMtOTc5OS04Yzg1YTRmZjA4NzUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXJvSnh0UklmViIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibnA2dWs3Q2ltUFpPMWc2a0ZnajZ4ZyIsInNfaGFzaCI6Inhad1lrUzllVy1CYzZVZG5jQUxoLVEiLCJzdWIiOiI2MTYwMDE3TjY3In0.ZgsZFj5k4Bni2Qk9mtuJ42mfI7Yy_vXDDbiEQyxvb1IMltyAI3fF4KkLh4pAVoKTBlx_drVQmDFtk_I24PZm5_L4dZCSjjX2-w6ZWr5zTuGjRDyTu3H2ro6FJdTw3gZKvm_zJXlNoGTGLZF9k-7aTx2FMRAw_qDTS5lPL4hEwlj5dptv1phzBNZCTY34OeyphLjEEvqZVDGSdbDsKGVoXt6bBkOri29j73O8o2dsjSx-qt5SpplgQLkQz_kjbE4-36xOMbthhhoKtp--pJTcjkQEPLBNEHaIipkIFaZGLxJgPBQKQJiQD_EmI9Kxx5v6onjOCLwT1l145EErx7ZoOQ
refresh_token
hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4
scope
openid
token_type
bearer
2022-11-28 06:04:56 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 06:04:56 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
7x5Dq0kIiremVTWn9hkp-_FU4GPj4mrZvWnFiyDQsyY._8JIhHtfJBJuaeG2iIHdnLYue3oVaeVBR3r6UXyouc8YvvqqzKScUWdfRfBS2t-gYi80BywSqhI4uaKareny6g.M18xNjY5NjE1NDk2XzE4
2022-11-28 06:04:56 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
7x5Dq0kIiremVTWn9hkp-_FU4GPj4mrZvWnFiyDQsyY._8JIhHtfJBJuaeG2iIHdnLYue3oVaeVBR3r6UXyouc8YvvqqzKScUWdfRfBS2t-gYi80BywSqhI4uaKareny6g.M18xNjY5NjE1NDk2XzE4
type
bearer
2022-11-28 06:04:56 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 06:04:56 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 06:04:56 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4
2022-11-28 06:04:56 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJvYVp2NklNaEw3cEZEQUtFR1gwZS1BIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NiwiaWF0IjoxNjY5NjE1NDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1ZWNmMjcxZi1kMWVjLTQ2ODMtOTc5OS04Yzg1YTRmZjA4NzUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXJvSnh0UklmViIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibnA2dWs3Q2ltUFpPMWc2a0ZnajZ4ZyIsInNfaGFzaCI6Inhad1lrUzllVy1CYzZVZG5jQUxoLVEiLCJzdWIiOiI2MTYwMDE3TjY3In0.ZgsZFj5k4Bni2Qk9mtuJ42mfI7Yy_vXDDbiEQyxvb1IMltyAI3fF4KkLh4pAVoKTBlx_drVQmDFtk_I24PZm5_L4dZCSjjX2-w6ZWr5zTuGjRDyTu3H2ro6FJdTw3gZKvm_zJXlNoGTGLZF9k-7aTx2FMRAw_qDTS5lPL4hEwlj5dptv1phzBNZCTY34OeyphLjEEvqZVDGSdbDsKGVoXt6bBkOri29j73O8o2dsjSx-qt5SpplgQLkQz_kjbE4-36xOMbthhhoKtp--pJTcjkQEPLBNEHaIipkIFaZGLxJgPBQKQJiQD_EmI9Kxx5v6onjOCLwT1l145EErx7ZoOQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "oaZv6IMhL7pFDAKEGX0e-A",
  "sub": "6160017N67",
  "rat": 1669615491,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "IroJxtRIfV",
  "rt_hash": "np6uk7CimPZO1g6kFgj6xg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "s_hash": "xZwYkS9eW-Bc6UdncALh-Q",
  "auth_time": 1669615213,
  "name": "ISV Dev",
  "exp": 1669622696,
  "iat": 1669615496,
  "jti": "5ecf271f-d1ec-4683-9799-8c85a4ff0875"
}
2022-11-28 06:04:56 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 06:04:56
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 06:04:56
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 06:04:56
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 06:04:56
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 06:04:56
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 06:04:56
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 06:04:56 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 06:04:56 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
IroJxtRIfV
2022-11-28 06:04:56 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 06:04:56 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJvYVp2NklNaEw3cEZEQUtFR1gwZS1BIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NiwiaWF0IjoxNjY5NjE1NDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1ZWNmMjcxZi1kMWVjLTQ2ODMtOTc5OS04Yzg1YTRmZjA4NzUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXJvSnh0UklmViIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibnA2dWs3Q2ltUFpPMWc2a0ZnajZ4ZyIsInNfaGFzaCI6Inhad1lrUzllVy1CYzZVZG5jQUxoLVEiLCJzdWIiOiI2MTYwMDE3TjY3In0.ZgsZFj5k4Bni2Qk9mtuJ42mfI7Yy_vXDDbiEQyxvb1IMltyAI3fF4KkLh4pAVoKTBlx_drVQmDFtk_I24PZm5_L4dZCSjjX2-w6ZWr5zTuGjRDyTu3H2ro6FJdTw3gZKvm_zJXlNoGTGLZF9k-7aTx2FMRAw_qDTS5lPL4hEwlj5dptv1phzBNZCTY34OeyphLjEEvqZVDGSdbDsKGVoXt6bBkOri29j73O8o2dsjSx-qt5SpplgQLkQz_kjbE4-36xOMbthhhoKtp--pJTcjkQEPLBNEHaIipkIFaZGLxJgPBQKQJiQD_EmI9Kxx5v6onjOCLwT1l145EErx7ZoOQ
2022-11-28 06:04:56 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJvYVp2NklNaEw3cEZEQUtFR1gwZS1BIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NiwiaWF0IjoxNjY5NjE1NDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1ZWNmMjcxZi1kMWVjLTQ2ODMtOTc5OS04Yzg1YTRmZjA4NzUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXJvSnh0UklmViIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibnA2dWs3Q2ltUFpPMWc2a0ZnajZ4ZyIsInNfaGFzaCI6Inhad1lrUzllVy1CYzZVZG5jQUxoLVEiLCJzdWIiOiI2MTYwMDE3TjY3In0.ZgsZFj5k4Bni2Qk9mtuJ42mfI7Yy_vXDDbiEQyxvb1IMltyAI3fF4KkLh4pAVoKTBlx_drVQmDFtk_I24PZm5_L4dZCSjjX2-w6ZWr5zTuGjRDyTu3H2ro6FJdTw3gZKvm_zJXlNoGTGLZF9k-7aTx2FMRAw_qDTS5lPL4hEwlj5dptv1phzBNZCTY34OeyphLjEEvqZVDGSdbDsKGVoXt6bBkOri29j73O8o2dsjSx-qt5SpplgQLkQz_kjbE4-36xOMbthhhoKtp--pJTcjkQEPLBNEHaIipkIFaZGLxJgPBQKQJiQD_EmI9Kxx5v6onjOCLwT1l145EErx7ZoOQ
2022-11-28 06:04:56 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 06:04:56
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 06:04:56 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 06:04:56 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-28 06:04:56 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4
2022-11-28 06:04:56 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 06:04:56 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-28 06:04:56 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4
2022-11-28 06:04:56 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4
scope
openid
2022-11-28 06:04:56 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
95fc743f-0686-4dd9-aa89-44be83f60057
sub
95fc743f-0686-4dd9-aa89-44be83f60057
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
cZ07yGZgRfu12u3leLXB
iat
1669615496
exp
1669615556
2022-11-28 06:04:56 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTU2LCJpYXQiOjE2Njk2MTU0OTYsImp0aSI6ImNaMDd5R1pnUmZ1MTJ1M2xlTFhCIn0.j9HQao94ECFzlhUrRufKLkODiF9HHkKZuNcH1izzA1EKNE5C_311hTxkqaRjGRiy9xefTyOVRIR0fIknRgh2yi-vd4Ys8Q3mVpbmf7H2Uq3wsH4WFCI7H_HT7E6LnnPIT9DhtZTfB-LUfXskA7tMnizURixQVebgYkoP1MhGev1sElif7bgjbgZ98iCF0mcTJA9wNd2CfbYqqffCUrZ2p1UN27LcXW8u4JtqtdxU9_7ptBabn4yGW7v97hNMBg0DjhLKqBHgcfwg7PAPU28yQtUNxBXXHvz6T-6mtIlULlmesrjzXfMQUmouU2BaLskOTNP05hdRU0rXdQ_XXlRRhQ
2022-11-28 06:04:56
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTU2LCJpYXQiOjE2Njk2MTU0OTYsImp0aSI6ImNaMDd5R1pnUmZ1MTJ1M2xlTFhCIn0.j9HQao94ECFzlhUrRufKLkODiF9HHkKZuNcH1izzA1EKNE5C_311hTxkqaRjGRiy9xefTyOVRIR0fIknRgh2yi-vd4Ys8Q3mVpbmf7H2Uq3wsH4WFCI7H_HT7E6LnnPIT9DhtZTfB-LUfXskA7tMnizURixQVebgYkoP1MhGev1sElif7bgjbgZ98iCF0mcTJA9wNd2CfbYqqffCUrZ2p1UN27LcXW8u4JtqtdxU9_7ptBabn4yGW7v97hNMBg0DjhLKqBHgcfwg7PAPU28yQtUNxBXXHvz6T-6mtIlULlmesrjzXfMQUmouU2BaLskOTNP05hdRU0rXdQ_XXlRRhQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 06:04:56 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 06:04:57 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 06:04:57
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=hzWauw2HPYA6s3QLA-0Sfqb08IZ6XhQJRsRdAlARW_Q.wcZNjE1FGx-0Z0-Tc7HpGxHOFbH-6ZJ99WOsZdKRHjjBM04_5UHFwXPhpXmp23GpFRCn_IMlNLTggkJQ7g-TAg.M18xNjY5NjE1NDk2XzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTU2LCJpYXQiOjE2Njk2MTU0OTYsImp0aSI6ImNaMDd5R1pnUmZ1MTJ1M2xlTFhCIn0.j9HQao94ECFzlhUrRufKLkODiF9HHkKZuNcH1izzA1EKNE5C_311hTxkqaRjGRiy9xefTyOVRIR0fIknRgh2yi-vd4Ys8Q3mVpbmf7H2Uq3wsH4WFCI7H_HT7E6LnnPIT9DhtZTfB-LUfXskA7tMnizURixQVebgYkoP1MhGev1sElif7bgjbgZ98iCF0mcTJA9wNd2CfbYqqffCUrZ2p1UN27LcXW8u4JtqtdxU9_7ptBabn4yGW7v97hNMBg0DjhLKqBHgcfwg7PAPU28yQtUNxBXXHvz6T-6mtIlULlmesrjzXfMQUmouU2BaLskOTNP05hdRU0rXdQ_XXlRRhQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 06:04:57 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7ad1b6f9-63aa-4136-ae04-cbdd82de58e3",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f8911b19959",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 06:04:57 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:WOqS14bOu8lmK3mxlSGh/nNxGwk5lm/zHvgOwputSy8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d600903E8E5931EE5070378D633B4F739~-1~YAAQJHYGF9Tf/ISEAQAAsLLWvAjSh3bTq7vz29F/a8ryxJkXrjPqAAHy0AEvVs9S/8pAhcxGGZe5icNwxyhQYW9F2voPkZwYvSg2EdAReJtr+/ILXjACNSDELu8dyZFJ3bP11i6I1yQE14Ft79n98+aOQardFMbFdiz+C4kcGTTKbSIyE/mCJKl6aen9wGKNCPURrPDam0AZd03qbf0Dkqr44NF/WOFMJwu0hDsYFfEwK10HU+zA6fuakwGUQpigV3brsfGl41tVfUGtixvr1gDW7SDzKJkJHARsA4xtFWsY36AEJ/oJkWCHfaO9yPTidpQLz/UfcEz8+QERg23BdZ0pV76eVTN95qhLgn/rHCQIyy8M8LS07kVH5abadlvugHL2rXg\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:57 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB10B6D42BD30784E120A9A9D3ED7524B~YAAQJHYGF9Xf/ISEAQAAsLLWvBHs8AATH5JCUehXuMXpoy6N0knRU26AKB40IHJk79IzksC+2ysv16svzXoiSxjBkcuUYdoFgfjMxO0FH1h2grs+roGwGbzUROFse0u8feTPlaikhFKZngdEHQ2RV03Kt+MdSiSz5dizmQ84p+ICMV9tjM18Wj8CAAVRkETZ4CctN5+rQfBpBEr7Hn3A+J0hqGaJn2IJZN4A6EE0fGeTomfP8shxY4cmTg2OR4uWNECOKsWWLpg+ZdnyCxHaQTo00STVxkoLRC6QEyvCrnVJdUpQzqMWfRyhnQkm~3225649~3223861; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:57 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d106",
    "origin; dur\u003d272"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"mnL4sqYcv1L2qVWhTnnhVTd6tY3tfwv8tw1HpCA8iPk.NTdp-eQ8_ca2GRSJywNvkvIL2VXRs09u8vI2cfaduspWXTd1RhSJjBBtho4ONH8u7gX1k_xs56RArE9sKMRO_Q.M18xNjY5NjE1NDk3XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJkZldwaFA4ckZlQzVIeFlFaFhibFhBIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NywiaWF0IjoxNjY5NjE1NDk3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIyNTZlYjNjOS1kZmMxLTQwODUtYTAzNy0wNTEyOTRiN2M3OTEiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiR1pna0lrU3d0cGRNLWp4ZGQ4TzhoQSIsInN1YiI6IjYxNjAwMTdONjcifQ.qaKyST_PvSKsCoeZVjqV8r2cBzBDm-xOo0qwe-kaWlKlA8p7LmzczWMtSr33V8fSi-yKcDlpfF75fFnO0zvFlrr73ytyOMSZRTTce-LYCD3xcBGHzdqQpRYKIgvp--Io6XrrR0P-qJrnrrtsaFoMb-umCGEZ5_RgSKq9tOkZJ0IvV9qr23owlVwKWPyYNtk-75zT-DGbJudm-lFMc-q6nO5tP5liPZE-8rrBI52NkUPS_h7MeywPmPoVVU87W5WbGZAIz3GoHYxCukyBrEsGDMBTGZtVT1VtFITATvixg40K-XoPy_EbMPJBTevZF09cc5B7MaG7MAmoewTr9ZHOGA","refresh_token":"s3NzN_6gNbArnhQXQIGeGX49oucWD78Krq-8w_hl0b0.xoIvXWy9jdl6aEO23uxRy0wXLsnqWwpBYCbAfesRJaNbuiYC-FB9zrJs8S0Pxy1B9PYNoqx4Fk4MGZiXn4w5aQ.M18xNjY5NjE1NDk3XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 06:04:57 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
mnL4sqYcv1L2qVWhTnnhVTd6tY3tfwv8tw1HpCA8iPk.NTdp-eQ8_ca2GRSJywNvkvIL2VXRs09u8vI2cfaduspWXTd1RhSJjBBtho4ONH8u7gX1k_xs56RArE9sKMRO_Q.M18xNjY5NjE1NDk3XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJkZldwaFA4ckZlQzVIeFlFaFhibFhBIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NywiaWF0IjoxNjY5NjE1NDk3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIyNTZlYjNjOS1kZmMxLTQwODUtYTAzNy0wNTEyOTRiN2M3OTEiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiR1pna0lrU3d0cGRNLWp4ZGQ4TzhoQSIsInN1YiI6IjYxNjAwMTdONjcifQ.qaKyST_PvSKsCoeZVjqV8r2cBzBDm-xOo0qwe-kaWlKlA8p7LmzczWMtSr33V8fSi-yKcDlpfF75fFnO0zvFlrr73ytyOMSZRTTce-LYCD3xcBGHzdqQpRYKIgvp--Io6XrrR0P-qJrnrrtsaFoMb-umCGEZ5_RgSKq9tOkZJ0IvV9qr23owlVwKWPyYNtk-75zT-DGbJudm-lFMc-q6nO5tP5liPZE-8rrBI52NkUPS_h7MeywPmPoVVU87W5WbGZAIz3GoHYxCukyBrEsGDMBTGZtVT1VtFITATvixg40K-XoPy_EbMPJBTevZF09cc5B7MaG7MAmoewTr9ZHOGA
refresh_token
s3NzN_6gNbArnhQXQIGeGX49oucWD78Krq-8w_hl0b0.xoIvXWy9jdl6aEO23uxRy0wXLsnqWwpBYCbAfesRJaNbuiYC-FB9zrJs8S0Pxy1B9PYNoqx4Fk4MGZiXn4w5aQ.M18xNjY5NjE1NDk3XzE4
scope
openid
token_type
bearer
2022-11-28 06:04:57 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 06:04:57 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 06:04:57 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 06:04:57 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 06:04:57 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
mnL4sqYcv1L2qVWhTnnhVTd6tY3tfwv8tw1HpCA8iPk.NTdp-eQ8_ca2GRSJywNvkvIL2VXRs09u8vI2cfaduspWXTd1RhSJjBBtho4ONH8u7gX1k_xs56RArE9sKMRO_Q.M18xNjY5NjE1NDk3XzE4
type
bearer
2022-11-28 06:04:57 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 06:04:57 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
860.582219175834
expected
96.0
value
mnL4sqYcv1L2qVWhTnnhVTd6tY3tfwv8tw1HpCA8iPk.NTdp-eQ8_ca2GRSJywNvkvIL2VXRs09u8vI2cfaduspWXTd1RhSJjBBtho4ONH8u7gX1k_xs56RArE9sKMRO_Q.M18xNjY5NjE1NDk3XzE4
2022-11-28 06:04:57 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 06:04:57 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 06:04:57 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 06:04:57 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
7x5Dq0kIiremVTWn9hkp-_FU4GPj4mrZvWnFiyDQsyY._8JIhHtfJBJuaeG2iIHdnLYue3oVaeVBR3r6UXyouc8YvvqqzKScUWdfRfBS2t-gYi80BywSqhI4uaKareny6g.M18xNjY5NjE1NDk2XzE4
second_access_token
mnL4sqYcv1L2qVWhTnnhVTd6tY3tfwv8tw1HpCA8iPk.NTdp-eQ8_ca2GRSJywNvkvIL2VXRs09u8vI2cfaduspWXTd1RhSJjBBtho4ONH8u7gX1k_xs56RArE9sKMRO_Q.M18xNjY5NjE1NDk3XzE4
2022-11-28 06:04:57 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJkZldwaFA4ckZlQzVIeFlFaFhibFhBIiwiYXVkIjpbIjk1ZmM3NDNmLTA2ODYtNGRkOS1hYTg5LTQ0YmU4M2Y2MDA1NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjY5NywiaWF0IjoxNjY5NjE1NDk3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIyNTZlYjNjOS1kZmMxLTQwODUtYTAzNy0wNTEyOTRiN2M3OTEiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiR1pna0lrU3d0cGRNLWp4ZGQ4TzhoQSIsInN1YiI6IjYxNjAwMTdONjcifQ.qaKyST_PvSKsCoeZVjqV8r2cBzBDm-xOo0qwe-kaWlKlA8p7LmzczWMtSr33V8fSi-yKcDlpfF75fFnO0zvFlrr73ytyOMSZRTTce-LYCD3xcBGHzdqQpRYKIgvp--Io6XrrR0P-qJrnrrtsaFoMb-umCGEZ5_RgSKq9tOkZJ0IvV9qr23owlVwKWPyYNtk-75zT-DGbJudm-lFMc-q6nO5tP5liPZE-8rrBI52NkUPS_h7MeywPmPoVVU87W5WbGZAIz3GoHYxCukyBrEsGDMBTGZtVT1VtFITATvixg40K-XoPy_EbMPJBTevZF09cc5B7MaG7MAmoewTr9ZHOGA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "dfWphP8rFeC5HxYEhXblXA",
  "sub": "6160017N67",
  "rat": 1669615491,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "GZgkIkSwtpdM-jxdd8O8hA",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "auth_time": 1669615213,
  "name": "ISV Dev",
  "exp": 1669622697,
  "iat": 1669615497,
  "jti": "256eb3c9-dfc1-4085-a037-051294b7c791"
}
2022-11-28 06:04:57 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
s3NzN_6gNbArnhQXQIGeGX49oucWD78Krq-8w_hl0b0.xoIvXWy9jdl6aEO23uxRy0wXLsnqWwpBYCbAfesRJaNbuiYC-FB9zrJs8S0Pxy1B9PYNoqx4Fk4MGZiXn4w5aQ.M18xNjY5NjE1NDk3XzE4
2022-11-28 06:04:57 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 06:04:57 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
860.1918596502711
expected
96.0
value
s3NzN_6gNbArnhQXQIGeGX49oucWD78Krq-8w_hl0b0.xoIvXWy9jdl6aEO23uxRy0wXLsnqWwpBYCbAfesRJaNbuiYC-FB9zrJs8S0Pxy1B9PYNoqx4Fk4MGZiXn4w5aQ.M18xNjY5NjE1NDk3XzE4
2022-11-28 06:04:57 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669615496,
  "second": 1669615497,
  "note": "Values are expected to be different"
}
aud
{
  "first": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "second": "95fc743f-0686-4dd9-aa89-44be83f60057",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669615213,
  "second": 1669615213,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-28 06:04:57
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer mnL4sqYcv1L2qVWhTnnhVTd6tY3tfwv8tw1HpCA8iPk.NTdp-eQ8_ca2GRSJywNvkvIL2VXRs09u8vI2cfaduspWXTd1RhSJjBBtho4ONH8u7gX1k_xs56RArE9sKMRO_Q.M18xNjY5NjE1NDk3XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:04:58 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb8218afb-40d9-4e3c-a3b8-da75a0fe59a0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f8a375feeb1",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:04:58 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:G4I2lqFiwcFvhrVsEITUZuGeADiJg5fZCqqWTxGjwcY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d41D558DA812E185467917C144AE9F5CA~-1~YAAQJHYGF/Df/ISEAQAADLTWvAgN3F6HQdvypd6wzU/ImwYABH4ROMA+g8rJ7Ih7mFLNR+mnIccj96GXMuqkNpjj1XvFyAszOiPMUoeDBfsH07ysS1tVCEgAaKQVfJ1hpLByGQXahWKoEzIe6KO/w6X4JXJGk/uzq+16SfVcgbGTi/B6KUJ/E4gKhm3TQL+KLjdzRfOSA3s+3D7IZoIgTMnCzwpOkUZXOzGRMvufA62hBqnAQy0Aa4ZSaHJHW9s6MnpsZ8/oh+BjBuFOR0BQ3cwC850O/IRo4XL9Ef5yPzdjdZ/GWrxMUU2COHqIqz7KVX/nNlff1vOg4iq7NGLmGzF1a4UPBIk7Jtw896hZwItY8+mWe4qlEJoIQPQTI6OAzivMoHY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:58 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dEA6C3E99EB0D7EAD8560A4A317D7387C~YAAQJHYGF/Hf/ISEAQAADLTWvBG0QJIiv/T4a8md+ImjSuYfHeXD0bDWko0M8FyZKoRZYzlKB+imx2YqlGlCUKmI/aVl0o+5p/1OlCc2SjxbaIJsVGXrUAeNfIfZATuv34QvF3ZfD+EwrLeM0IoE6f/cJKhRvRe6SpgJFm87VpkD637MgT0OmMC7Fn+MSogTEP7244zrVRgKcTE1OYa22fjG/y27Etm6DPfANaqtBJJEn5Nnp77A5gtr80xvHVW93QTYmBt0T2IzLvzJXV07Zfq9yDHQhaf5gGkJY297IZwaDrfkwT2t4CtUTFkr~3225649~3223861; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:57 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d178"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["95fc743f-0686-4dd9-aa89-44be83f60057"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615491,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:04:58 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb8218afb-40d9-4e3c-a3b8-da75a0fe59a0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f8a375feeb1",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:04:58 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:G4I2lqFiwcFvhrVsEITUZuGeADiJg5fZCqqWTxGjwcY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d41D558DA812E185467917C144AE9F5CA~-1~YAAQJHYGF/Df/ISEAQAADLTWvAgN3F6HQdvypd6wzU/ImwYABH4ROMA+g8rJ7Ih7mFLNR+mnIccj96GXMuqkNpjj1XvFyAszOiPMUoeDBfsH07ysS1tVCEgAaKQVfJ1hpLByGQXahWKoEzIe6KO/w6X4JXJGk/uzq+16SfVcgbGTi/B6KUJ/E4gKhm3TQL+KLjdzRfOSA3s+3D7IZoIgTMnCzwpOkUZXOzGRMvufA62hBqnAQy0Aa4ZSaHJHW9s6MnpsZ8/oh+BjBuFOR0BQ3cwC850O/IRo4XL9Ef5yPzdjdZ/GWrxMUU2COHqIqz7KVX/nNlff1vOg4iq7NGLmGzF1a4UPBIk7Jtw896hZwItY8+mWe4qlEJoIQPQTI6OAzivMoHY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:04:58 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dEA6C3E99EB0D7EAD8560A4A317D7387C~YAAQJHYGF/Hf/ISEAQAADLTWvBG0QJIiv/T4a8md+ImjSuYfHeXD0bDWko0M8FyZKoRZYzlKB+imx2YqlGlCUKmI/aVl0o+5p/1OlCc2SjxbaIJsVGXrUAeNfIfZATuv34QvF3ZfD+EwrLeM0IoE6f/cJKhRvRe6SpgJFm87VpkD637MgT0OmMC7Fn+MSogTEP7244zrVRgKcTE1OYa22fjG/y27Etm6DPfANaqtBJJEn5Nnp77A5gtr80xvHVW93QTYmBt0T2IzLvzJXV07Zfq9yDHQhaf5gGkJY297IZwaDrfkwT2t4CtUTFkr~3225649~3223861; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:04:57 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d178"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["95fc743f-0686-4dd9-aa89-44be83f60057"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615491,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:04:58 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-11-28 06:04:58 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 06:04:58
CreateRandomStateValue
Created state value
requested_state_length
10
state
IYznR7Bcbm
2022-11-28 06:04:58 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
IYznR7Bcbm
2022-11-28 06:04:58
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
7vodnWxcH0
2022-11-28 06:04:58 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
IYznR7Bcbm
nonce
7vodnWxcH0
2022-11-28 06:04:58 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
IYznR7Bcbm
nonce
7vodnWxcH0
response_type
code id_token token
2022-11-28 06:04:58 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 06:04:58 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "IYznR7Bcbm",
  "nonce": "7vodnWxcH0",
  "response_type": "code id_token token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=5a1f7223-02dd-4e06-95d5-0d8edaf7ea67&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=IYznR7Bcbm&nonce=7vodnWxcH0&response_type=code%20id_token%20token
2022-11-28 06:04:58 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=5a1f7223-02dd-4e06-95d5-0d8edaf7ea67&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=IYznR7Bcbm&nonce=7vodnWxcH0&response_type=code%20id_token%20token
2022-11-28 06:05:03 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 06:05:03 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/Wm04DhuRZl87j7mM2BFo",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/Wm04DhuRZl87j7mM2BFo"
}
2022-11-28 06:05:03 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance f6CpQWzGZW3ohvI
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/Wm04DhuRZl87j7mM2BFo, returnUrl=/log-detail.html?log=f6CpQWzGZW3ohvI}]
outgoing_path
callback
2022-11-28 06:05:03 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/Wm04DhuRZl87j7mM2BFo
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "1537"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/Wm04DhuRZl87j7mM2BFo
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=1dHqqBjbdQUjnGTmxweKvqnnD2u22grd_kIInJEBzxo.w768i8kx1Cne-G_5dT5ewinXCf9EBitStCoytKGXT7lDcDM7T2SlgDYgpeaDl_Y-s0tOCoo266Cz_rKOxTMB3g.M18xNjY5NjE1NTAyXzE4&code=_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA&expires_in=7200&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid&state=IYznR7Bcbm&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 06:05:03 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance f6CpQWzGZW3ohvI
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/Wm04DhuRZl87j7mM2BFo
2022-11-28 06:05:03
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "1dHqqBjbdQUjnGTmxweKvqnnD2u22grd_kIInJEBzxo.w768i8kx1Cne-G_5dT5ewinXCf9EBitStCoytKGXT7lDcDM7T2SlgDYgpeaDl_Y-s0tOCoo266Cz_rKOxTMB3g.M18xNjY5NjE1NTAyXzE4"
  },
  {
    "name": "code",
    "value": "_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA"
  },
  {
    "name": "expires_in",
    "value": "7200"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid"
  },
  {
    "name": "state",
    "value": "IYznR7Bcbm"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-28 06:05:03 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
1dHqqBjbdQUjnGTmxweKvqnnD2u22grd_kIInJEBzxo.w768i8kx1Cne-G_5dT5ewinXCf9EBitStCoytKGXT7lDcDM7T2SlgDYgpeaDl_Y-s0tOCoo266Cz_rKOxTMB3g.M18xNjY5NjE1NTAyXzE4
code
_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid
state
IYznR7Bcbm
token_type
bearer
2022-11-28 06:05:03 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "1dHqqBjbdQUjnGTmxweKvqnnD2u22grd_kIInJEBzxo.w768i8kx1Cne-G_5dT5ewinXCf9EBitStCoytKGXT7lDcDM7T2SlgDYgpeaDl_Y-s0tOCoo266Cz_rKOxTMB3g.M18xNjY5NjE1NTAyXzE4",
  "code": "_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA",
  "expires_in": "7200",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid",
  "state": "IYznR7Bcbm",
  "token_type": "bearer"
}
post_body
Second client: Verify authorization endpoint response
2022-11-28 06:05:03 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 06:05:03 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 06:05:03 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 06:05:03 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 06:05:03 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 06:05:03 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
IYznR7Bcbm
2022-11-28 06:05:03 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA
2022-11-28 06:05:03 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
1dHqqBjbdQUjnGTmxweKvqnnD2u22grd_kIInJEBzxo.w768i8kx1Cne-G_5dT5ewinXCf9EBitStCoytKGXT7lDcDM7T2SlgDYgpeaDl_Y-s0tOCoo266Cz_rKOxTMB3g.M18xNjY5NjE1NTAyXzE4
type
bearer
2022-11-28 06:05:03 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "4rX4uwdHnSbedvNriQnwow",
  "sub": "6160017N67",
  "rat": 1669615500,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "7vodnWxcH0",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "c_hash": "Gyjs9QbfENlQqXNGPat-Ag",
  "s_hash": "UxzYKWO-RdPlmM_AzYyBmw",
  "auth_time": 1669615213,
  "name": "ISV Dev",
  "exp": 1669622702,
  "iat": 1669615502,
  "jti": "98326fb6-ed9b-4cf0-b968-1462a5430e62"
}
2022-11-28 06:05:03 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 06:05:03
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 06:05:03
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 06:05:03
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 06:05:03
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 06:05:03
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 06:05:03 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 06:05:03 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
7vodnWxcH0
2022-11-28 06:05:03 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 06:05:03 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA
2022-11-28 06:05:03 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI0clg0dXdkSG5TYmVkdk5yaVFud293IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImNfaGFzaCI6Ikd5anM5UWJmRU5sUXFYTkdQYXQtQWciLCJleHAiOjE2Njk2MjI3MDIsImlhdCI6MTY2OTYxNTUwMiwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiOTgzMjZmYjYtZWQ5Yi00Y2YwLWI5NjgtMTQ2MmE1NDMwZTYyIiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6Ijd2b2RuV3hjSDAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTYxNTUwMCwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiVXh6WUtXTy1SZFBsbU1fQXpZeUJtdyIsInN1YiI6IjYxNjAwMTdONjcifQ.khDK75vB55YeA0qw-17nXFiomea-HBC_afOcOLN8qJrJ63LyMgPBxbVwL76lnMoQeJe5G9tlrzCtbMPllfmziHJOhbFFqyHULK6xiBVjK2H_FHgq5buIdfkGrn9eLB9Ld37nHbXRldenHbUgbuJzltVc71d4J1yguoS4xQCJtbxv2sThqumRqRQyV9PZmk7pe-093yiFfJF_D2ekuAjp3l1e3ynoWB9pa-TEv4vSwfYBUpFS8UnZA_lAjBrz_FLQTFTR-K0sjl3Eg-NDfI_U--lvfz6ziGmIcChNO2K2djJG5DjVEwizGtTiluyfeQ5HN6nqRhDdd9TjublO4XmoAA
2022-11-28 06:05:03 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 06:05:03
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 06:05:03 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Second client: Userinfo endpoint tests
2022-11-28 06:05:03
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer 1dHqqBjbdQUjnGTmxweKvqnnD2u22grd_kIInJEBzxo.w768i8kx1Cne-G_5dT5ewinXCf9EBitStCoytKGXT7lDcDM7T2SlgDYgpeaDl_Y-s0tOCoo266Cz_rKOxTMB3g.M18xNjY5NjE1NTAyXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:05:04 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK3c7c41cb-0a1e-4bb6-af55-363c72785750",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f9011b1a269",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:05:04 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:MvVSbfFDHDFmlWeV+fEcMr30TCoYlArMw4zt+eQCa6w\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dDDA8AB9A3BAF2D2F83B84728E69A217A~-1~YAAQJHYGFyfi/ISEAQAAksvWvAhVfZl7zxP2ZzOvsgUXmMe3pIDTTq9foo1QDVQXnG5JZpiLxuhdxR3XHFZRclwfHy5gWfiztcZG501WiCXBhyvdafBrQfYpnwYGb1E4Ww41cAODSXJQdK54pSHDdZK+FMptpvQK23TZH1ogieBHBJ2OKCzi79sBhWEISKfAnWZESsmfpSav5fWQjsehsTTip6NN5s4hI/g1FOTshbSDIVSUsOSEq7VMTnEphO5ZofoADpnbiCyWO0iIRpD4r/IWPv1KIFQ0HDnf0Ufc8PhgyLhbtD6Ox4yiITxXOYk2K452De3cKKuyr9d/+xYE33LHEmhpkmKiIV6/1T+z3yCPWSusJ2aP388amblMS9k3gcQN58E\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:04 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF7369B89EC5FF040ABCBE73FA623426A~YAAQJHYGFyji/ISEAQAAksvWvBHFxBUu9IsNKEyVwjoLWg5FlzM34iA0H/WkvM7UVGJrq1kD2ZaOsVU1hCSh0UZjoCGK4rkVSIqycz+XSNQtmx6bciu6GyDx8WE9KfgRA6WLI8m47e/NScIeTIj9cqx7GskJJvgmSaR0jLwPVavv/WLa3p+yk4qoXx/I+XwMeo+vLMXlVIwhv0MUqgmqT9w6+HTTfCerSMY8A0yOCaffiY62PAA2lOlzdEbj1AjRDc1W3ZVfSJOPXf6BzQ8syZYW0W+ItHc/7tUIBIFRQadpuBRPgHd+YSMOPWr+~3683641~4473648; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:03 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d184",
    "origin; dur\u003d126"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["5a1f7223-02dd-4e06-95d5-0d8edaf7ea67"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615500,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:05:04 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK3c7c41cb-0a1e-4bb6-af55-363c72785750",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f9011b1a269",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:05:04 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:MvVSbfFDHDFmlWeV+fEcMr30TCoYlArMw4zt+eQCa6w\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dDDA8AB9A3BAF2D2F83B84728E69A217A~-1~YAAQJHYGFyfi/ISEAQAAksvWvAhVfZl7zxP2ZzOvsgUXmMe3pIDTTq9foo1QDVQXnG5JZpiLxuhdxR3XHFZRclwfHy5gWfiztcZG501WiCXBhyvdafBrQfYpnwYGb1E4Ww41cAODSXJQdK54pSHDdZK+FMptpvQK23TZH1ogieBHBJ2OKCzi79sBhWEISKfAnWZESsmfpSav5fWQjsehsTTip6NN5s4hI/g1FOTshbSDIVSUsOSEq7VMTnEphO5ZofoADpnbiCyWO0iIRpD4r/IWPv1KIFQ0HDnf0Ufc8PhgyLhbtD6Ox4yiITxXOYk2K452De3cKKuyr9d/+xYE33LHEmhpkmKiIV6/1T+z3yCPWSusJ2aP388amblMS9k3gcQN58E\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:04 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF7369B89EC5FF040ABCBE73FA623426A~YAAQJHYGFyji/ISEAQAAksvWvBHFxBUu9IsNKEyVwjoLWg5FlzM34iA0H/WkvM7UVGJrq1kD2ZaOsVU1hCSh0UZjoCGK4rkVSIqycz+XSNQtmx6bciu6GyDx8WE9KfgRA6WLI8m47e/NScIeTIj9cqx7GskJJvgmSaR0jLwPVavv/WLa3p+yk4qoXx/I+XwMeo+vLMXlVIwhv0MUqgmqT9w6+HTTfCerSMY8A0yOCaffiY62PAA2lOlzdEbj1AjRDc1W3ZVfSJOPXf6BzQ8syZYW0W+ItHc/7tUIBIFRQadpuBRPgHd+YSMOPWr+~3683641~4473648; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:03 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d184",
    "origin; dur\u003d126"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["5a1f7223-02dd-4e06-95d5-0d8edaf7ea67"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615500,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:05:04 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 06:05:04 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 06:05:04 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
sub
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
OgP6Znwt7zgMRA7gaTEm
iat
1669615504
exp
1669615564
2022-11-28 06:05:04 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1YTFmNzIyMy0wMmRkLTRlMDYtOTVkNS0wZDhlZGFmN2VhNjciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNWExZjcyMjMtMDJkZC00ZTA2LTk1ZDUtMGQ4ZWRhZjdlYTY3IiwiZXhwIjoxNjY5NjE1NTY0LCJpYXQiOjE2Njk2MTU1MDQsImp0aSI6Ik9nUDZabnd0N3pnTVJBN2dhVEVtIn0.awQEHgMkz7mDfiPvbYJGglQZ5qYKJY0sJVRWkmqdD8DCIP92693GdULO7n1ZXVio1y0Cdv6Gc0mDwF--h-KdYPtkIRWtOYctX4CExix6zb2z7-L-sXCcXZuHbg5RD6go14i9BlxuZuJdn46Y9YYVJN2rlLI9C_5vSMrnIgUDg7Brnk0qc_sz7TE-K9aT_PZIXlD_pHPqGBew7nCjJBnvCEhNHJEJMCyLViNZm4WumyjrXHTiPMOGkQUv3NHu2UbkVfVewupbthSalXuIymdyi5UBPr8Cki-xfh25-6c3NwXkfhBJhCRWr4G0AnQfD_4vr7EgtcjoNanVtG2Xfm3Z_g
2022-11-28 06:05:04
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1YTFmNzIyMy0wMmRkLTRlMDYtOTVkNS0wZDhlZGFmN2VhNjciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNWExZjcyMjMtMDJkZC00ZTA2LTk1ZDUtMGQ4ZWRhZjdlYTY3IiwiZXhwIjoxNjY5NjE1NTY0LCJpYXQiOjE2Njk2MTU1MDQsImp0aSI6Ik9nUDZabnd0N3pnTVJBN2dhVEVtIn0.awQEHgMkz7mDfiPvbYJGglQZ5qYKJY0sJVRWkmqdD8DCIP92693GdULO7n1ZXVio1y0Cdv6Gc0mDwF--h-KdYPtkIRWtOYctX4CExix6zb2z7-L-sXCcXZuHbg5RD6go14i9BlxuZuJdn46Y9YYVJN2rlLI9C_5vSMrnIgUDg7Brnk0qc_sz7TE-K9aT_PZIXlD_pHPqGBew7nCjJBnvCEhNHJEJMCyLViNZm4WumyjrXHTiPMOGkQUv3NHu2UbkVfVewupbthSalXuIymdyi5UBPr8Cki-xfh25-6c3NwXkfhBJhCRWr4G0AnQfD_4vr7EgtcjoNanVtG2Xfm3Z_g
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 06:05:04
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=_jOggXQPN7IYyrcy_Ym4rlC07rRiIOEXp0R1r72-D5Y.MXJ2C98xv9pwYhO3V7RB2wpvD_ycebsLFqw_y-QsrMZfIwQkO3fGjghtHxxAzTpaTcCkIr-3ksv-cOFhRoeuqA&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1YTFmNzIyMy0wMmRkLTRlMDYtOTVkNS0wZDhlZGFmN2VhNjciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNWExZjcyMjMtMDJkZC00ZTA2LTk1ZDUtMGQ4ZWRhZjdlYTY3IiwiZXhwIjoxNjY5NjE1NTY0LCJpYXQiOjE2Njk2MTU1MDQsImp0aSI6Ik9nUDZabnd0N3pnTVJBN2dhVEVtIn0.awQEHgMkz7mDfiPvbYJGglQZ5qYKJY0sJVRWkmqdD8DCIP92693GdULO7n1ZXVio1y0Cdv6Gc0mDwF--h-KdYPtkIRWtOYctX4CExix6zb2z7-L-sXCcXZuHbg5RD6go14i9BlxuZuJdn46Y9YYVJN2rlLI9C_5vSMrnIgUDg7Brnk0qc_sz7TE-K9aT_PZIXlD_pHPqGBew7nCjJBnvCEhNHJEJMCyLViNZm4WumyjrXHTiPMOGkQUv3NHu2UbkVfVewupbthSalXuIymdyi5UBPr8Cki-xfh25-6c3NwXkfhBJhCRWr4G0AnQfD_4vr7EgtcjoNanVtG2Xfm3Z_g&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 06:05:04 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1e73b61b-69b7-4389-a411-8c619ef5fa7c",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f9011b1a3d9",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 06:05:04 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:df5Ss2pMz4TEx+2P9v7SDhbMDU08eeXASpCqxghZfWU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dFE6360FF2B8A86F76ED2A6D171DA4489~-1~YAAQJHYGFz7i/ISEAQAAJ83WvAirJL78uNSsJuPyEN88rGmoXJ48d6aT6i3B1md4lkDA1tPNACn8rTeior1l8BiDYmPbTBhx2sExRUAtPlJx4+0F9Zqw2DPvPPU+zpyn4uj0eOq3E9KA6IK1FLx44PCDzmDGXTMjT6pZ4twl5N12vfqAXmGt+NKFPQxaZMEu4gTJ3771DxAAXQz2kpryXAUvYKCFdleOWaT8eK+qLNB02agVaI4TXR666zUfc4trkGvKggwi3/JwrmXAeSQjk/L9Z0uQFBRm3OmIyi2UmGGqUgi3Lp+hNF8z41azQc7/s+5xmJHiHhDqbgT24+bqqTKJX8JZ0xWIbsoCbqiBtVHcuhJmt5LdbBBdP7yPP9JbZzquBp0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:04 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dDA23C37DE072324A224C19A91526C67C~YAAQJHYGFz/i/ISEAQAAJ83WvBEy6xgj5uI/mJUONIsNPJmZGUKwYhZeZ2Vf86ymeWox5T6LbADUX2asHz+cmcPnNub0ajWSQdAq5LKFpmggD2ff+Ma65XMhyoNOy7Q9I0L+xzsNQPrn4dyVsdswoY87n7cHHyIrLDsWOItPHcmL77GSoeKKMXhhcvzvcW045gcz+lj9wRqor1Fwr6DAmNArWrELcOh3BFAadyTtfHr3z3kKVgBtPIeGcjXpDNGq/fb4tab5/6ZwKI85e9XdeLcDP4DdTjeV6KwtzrtBJdqoFF8JJXcrGPAst7U2~4273970~4407603; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:04 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d151",
    "origin; dur\u003d174"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"LHNfQWhdrRD-2EDWPsXoagcduOv6hRdVehBW44vvWxw.Ze6ssN21irkG5QDOSoh9_eFMrQE12WQ9tDSgCXz7C2k3QL3R24DyU-QkYC6BPXRQuB2iSt92ilB_Y7swbDoSJg.M18xNjY5NjE1NTA0XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJGLUlvYmpVcS1ybU8wS1lDZEFzMzFBIiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNCwiaWF0IjoxNjY5NjE1NTA0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJjNjU4MGM5MS1jMmUyLTQ2OWMtYjkwNi1hNjJhZTBiZjYzNWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiN3ZvZG5XeGNIMCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiRXlIWXIwSTExSmdiSDFac1cyUU9qUSIsInNfaGFzaCI6IlV4ellLV08tUmRQbG1NX0F6WXlCbXciLCJzdWIiOiI2MTYwMDE3TjY3In0.pMD7b4eRtIsVBVKmjaD-t-QnHvfeTMya5PhA2N-xx2WBcASJtLEhThGphydv2SNZF2WaQNE0Yt9goUtA06wG4YyLzE9eYsqbepUpL1qEX0_Vlpzp3ut0-W8nXTWKAQNt031WHSmiNGLbv4MFTku0ZE2XQuVBV58SLZMOR-PeKyGHhYFzjRQc4LEz5udYcuOP98ADSaMGZliG3ic6qEJtReJuFq2CuXKRK7NeuO1lOqM-wyN_KWBSUOSTb_GJE8lmsJMRPeevetwKY_6x1bVmLfzvsrkNkMusp_q_wn1qB6xXk_b-eP0vO3vOx0fL9ST9AZCSweOCPQRlJYtkLTWvYg","refresh_token":"O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 06:05:04 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
LHNfQWhdrRD-2EDWPsXoagcduOv6hRdVehBW44vvWxw.Ze6ssN21irkG5QDOSoh9_eFMrQE12WQ9tDSgCXz7C2k3QL3R24DyU-QkYC6BPXRQuB2iSt92ilB_Y7swbDoSJg.M18xNjY5NjE1NTA0XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJGLUlvYmpVcS1ybU8wS1lDZEFzMzFBIiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNCwiaWF0IjoxNjY5NjE1NTA0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJjNjU4MGM5MS1jMmUyLTQ2OWMtYjkwNi1hNjJhZTBiZjYzNWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiN3ZvZG5XeGNIMCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiRXlIWXIwSTExSmdiSDFac1cyUU9qUSIsInNfaGFzaCI6IlV4ellLV08tUmRQbG1NX0F6WXlCbXciLCJzdWIiOiI2MTYwMDE3TjY3In0.pMD7b4eRtIsVBVKmjaD-t-QnHvfeTMya5PhA2N-xx2WBcASJtLEhThGphydv2SNZF2WaQNE0Yt9goUtA06wG4YyLzE9eYsqbepUpL1qEX0_Vlpzp3ut0-W8nXTWKAQNt031WHSmiNGLbv4MFTku0ZE2XQuVBV58SLZMOR-PeKyGHhYFzjRQc4LEz5udYcuOP98ADSaMGZliG3ic6qEJtReJuFq2CuXKRK7NeuO1lOqM-wyN_KWBSUOSTb_GJE8lmsJMRPeevetwKY_6x1bVmLfzvsrkNkMusp_q_wn1qB6xXk_b-eP0vO3vOx0fL9ST9AZCSweOCPQRlJYtkLTWvYg
refresh_token
O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4
scope
openid
token_type
bearer
2022-11-28 06:05:04 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 06:05:04 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
LHNfQWhdrRD-2EDWPsXoagcduOv6hRdVehBW44vvWxw.Ze6ssN21irkG5QDOSoh9_eFMrQE12WQ9tDSgCXz7C2k3QL3R24DyU-QkYC6BPXRQuB2iSt92ilB_Y7swbDoSJg.M18xNjY5NjE1NTA0XzE4
2022-11-28 06:05:04 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
LHNfQWhdrRD-2EDWPsXoagcduOv6hRdVehBW44vvWxw.Ze6ssN21irkG5QDOSoh9_eFMrQE12WQ9tDSgCXz7C2k3QL3R24DyU-QkYC6BPXRQuB2iSt92ilB_Y7swbDoSJg.M18xNjY5NjE1NTA0XzE4
type
bearer
2022-11-28 06:05:04 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 06:05:04 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 06:05:04 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4
2022-11-28 06:05:04 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJGLUlvYmpVcS1ybU8wS1lDZEFzMzFBIiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNCwiaWF0IjoxNjY5NjE1NTA0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJjNjU4MGM5MS1jMmUyLTQ2OWMtYjkwNi1hNjJhZTBiZjYzNWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiN3ZvZG5XeGNIMCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiRXlIWXIwSTExSmdiSDFac1cyUU9qUSIsInNfaGFzaCI6IlV4ellLV08tUmRQbG1NX0F6WXlCbXciLCJzdWIiOiI2MTYwMDE3TjY3In0.pMD7b4eRtIsVBVKmjaD-t-QnHvfeTMya5PhA2N-xx2WBcASJtLEhThGphydv2SNZF2WaQNE0Yt9goUtA06wG4YyLzE9eYsqbepUpL1qEX0_Vlpzp3ut0-W8nXTWKAQNt031WHSmiNGLbv4MFTku0ZE2XQuVBV58SLZMOR-PeKyGHhYFzjRQc4LEz5udYcuOP98ADSaMGZliG3ic6qEJtReJuFq2CuXKRK7NeuO1lOqM-wyN_KWBSUOSTb_GJE8lmsJMRPeevetwKY_6x1bVmLfzvsrkNkMusp_q_wn1qB6xXk_b-eP0vO3vOx0fL9ST9AZCSweOCPQRlJYtkLTWvYg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "F-IobjUq-rmO0KYCdAs31A",
  "sub": "6160017N67",
  "rat": 1669615500,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "7vodnWxcH0",
  "rt_hash": "EyHYr0I11JgbH1ZsW2QOjQ",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "s_hash": "UxzYKWO-RdPlmM_AzYyBmw",
  "auth_time": 1669615213,
  "name": "ISV Dev",
  "exp": 1669622704,
  "iat": 1669615504,
  "jti": "c6580c91-c2e2-469c-b906-a62ae0bf635a"
}
2022-11-28 06:05:04 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 06:05:04
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 06:05:04
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 06:05:04
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 06:05:04
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 06:05:04
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 06:05:04
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 06:05:04 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 06:05:04 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
7vodnWxcH0
2022-11-28 06:05:04 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 06:05:04 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJGLUlvYmpVcS1ybU8wS1lDZEFzMzFBIiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNCwiaWF0IjoxNjY5NjE1NTA0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJjNjU4MGM5MS1jMmUyLTQ2OWMtYjkwNi1hNjJhZTBiZjYzNWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiN3ZvZG5XeGNIMCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiRXlIWXIwSTExSmdiSDFac1cyUU9qUSIsInNfaGFzaCI6IlV4ellLV08tUmRQbG1NX0F6WXlCbXciLCJzdWIiOiI2MTYwMDE3TjY3In0.pMD7b4eRtIsVBVKmjaD-t-QnHvfeTMya5PhA2N-xx2WBcASJtLEhThGphydv2SNZF2WaQNE0Yt9goUtA06wG4YyLzE9eYsqbepUpL1qEX0_Vlpzp3ut0-W8nXTWKAQNt031WHSmiNGLbv4MFTku0ZE2XQuVBV58SLZMOR-PeKyGHhYFzjRQc4LEz5udYcuOP98ADSaMGZliG3ic6qEJtReJuFq2CuXKRK7NeuO1lOqM-wyN_KWBSUOSTb_GJE8lmsJMRPeevetwKY_6x1bVmLfzvsrkNkMusp_q_wn1qB6xXk_b-eP0vO3vOx0fL9ST9AZCSweOCPQRlJYtkLTWvYg
2022-11-28 06:05:04 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJGLUlvYmpVcS1ybU8wS1lDZEFzMzFBIiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNCwiaWF0IjoxNjY5NjE1NTA0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJjNjU4MGM5MS1jMmUyLTQ2OWMtYjkwNi1hNjJhZTBiZjYzNWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiN3ZvZG5XeGNIMCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiRXlIWXIwSTExSmdiSDFac1cyUU9qUSIsInNfaGFzaCI6IlV4ellLV08tUmRQbG1NX0F6WXlCbXciLCJzdWIiOiI2MTYwMDE3TjY3In0.pMD7b4eRtIsVBVKmjaD-t-QnHvfeTMya5PhA2N-xx2WBcASJtLEhThGphydv2SNZF2WaQNE0Yt9goUtA06wG4YyLzE9eYsqbepUpL1qEX0_Vlpzp3ut0-W8nXTWKAQNt031WHSmiNGLbv4MFTku0ZE2XQuVBV58SLZMOR-PeKyGHhYFzjRQc4LEz5udYcuOP98ADSaMGZliG3ic6qEJtReJuFq2CuXKRK7NeuO1lOqM-wyN_KWBSUOSTb_GJE8lmsJMRPeevetwKY_6x1bVmLfzvsrkNkMusp_q_wn1qB6xXk_b-eP0vO3vOx0fL9ST9AZCSweOCPQRlJYtkLTWvYg
2022-11-28 06:05:04 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 06:05:04
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 06:05:04 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 06:05:04 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-28 06:05:04 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4
2022-11-28 06:05:04 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 06:05:04 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-11-28 06:05:04 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4
2022-11-28 06:05:04 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
sub
5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
cbfFBJweQ5hDHmDPeXqq
iat
1669615504
exp
1669615564
2022-11-28 06:05:04 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1YTFmNzIyMy0wMmRkLTRlMDYtOTVkNS0wZDhlZGFmN2VhNjciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNWExZjcyMjMtMDJkZC00ZTA2LTk1ZDUtMGQ4ZWRhZjdlYTY3IiwiZXhwIjoxNjY5NjE1NTY0LCJpYXQiOjE2Njk2MTU1MDQsImp0aSI6ImNiZkZCSndlUTVoREhtRFBlWHFxIn0.bk3C6vSVzTo8yAAN-ULYoKnpws4ee-3tvLS3-YKj54KnroXwDgNKw7val91HrO6AKCld-K5Y6GPnN0J34BdfO1IxD01aNhRKSo-b7ofDPThiUdmMvgEo1XNmPCcFiiK1Ip8jGt_maJYmHq3NT6EvcRczqkzx_kT0n5CQNvsBRwEMLaonR6Mv7b7W8XeV3wm2EEmexpQ6wsVYLQOpfmY7q0NG1I_5xfTu39kAGSw4D6bwwlAN4ydBnywzsekDihtB4xPu6rxRi8Fp-iNaeBw4_YeAeFOO8cf5L2Qg2EIXlnQq-hPoDQjQrCDjC8Ii1KOHsaaLvKyLujSjrbC0EgGkKQ
2022-11-28 06:05:04
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1YTFmNzIyMy0wMmRkLTRlMDYtOTVkNS0wZDhlZGFmN2VhNjciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNWExZjcyMjMtMDJkZC00ZTA2LTk1ZDUtMGQ4ZWRhZjdlYTY3IiwiZXhwIjoxNjY5NjE1NTY0LCJpYXQiOjE2Njk2MTU1MDQsImp0aSI6ImNiZkZCSndlUTVoREhtRFBlWHFxIn0.bk3C6vSVzTo8yAAN-ULYoKnpws4ee-3tvLS3-YKj54KnroXwDgNKw7val91HrO6AKCld-K5Y6GPnN0J34BdfO1IxD01aNhRKSo-b7ofDPThiUdmMvgEo1XNmPCcFiiK1Ip8jGt_maJYmHq3NT6EvcRczqkzx_kT0n5CQNvsBRwEMLaonR6Mv7b7W8XeV3wm2EEmexpQ6wsVYLQOpfmY7q0NG1I_5xfTu39kAGSw4D6bwwlAN4ydBnywzsekDihtB4xPu6rxRi8Fp-iNaeBw4_YeAeFOO8cf5L2Qg2EIXlnQq-hPoDQjQrCDjC8Ii1KOHsaaLvKyLujSjrbC0EgGkKQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 06:05:04 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 06:05:05 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 06:05:05
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "974"
}
request_body
grant_type=refresh_token&refresh_token=O1aZGn5ml83juP79yPbIbB6emHmw8J-hPlNwdf6JP-k.0OmMjpgUoIsRMv6rH9xmnP1qr769VUSsdhdawEjuCOjhQkRjsKF1ppp1zZ4BuZSWcxRYP3Fxmo73H1YFSgWPIg.M18xNjY5NjE1NTA0XzE4&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI1YTFmNzIyMy0wMmRkLTRlMDYtOTVkNS0wZDhlZGFmN2VhNjciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNWExZjcyMjMtMDJkZC00ZTA2LTk1ZDUtMGQ4ZWRhZjdlYTY3IiwiZXhwIjoxNjY5NjE1NTY0LCJpYXQiOjE2Njk2MTU1MDQsImp0aSI6ImNiZkZCSndlUTVoREhtRFBlWHFxIn0.bk3C6vSVzTo8yAAN-ULYoKnpws4ee-3tvLS3-YKj54KnroXwDgNKw7val91HrO6AKCld-K5Y6GPnN0J34BdfO1IxD01aNhRKSo-b7ofDPThiUdmMvgEo1XNmPCcFiiK1Ip8jGt_maJYmHq3NT6EvcRczqkzx_kT0n5CQNvsBRwEMLaonR6Mv7b7W8XeV3wm2EEmexpQ6wsVYLQOpfmY7q0NG1I_5xfTu39kAGSw4D6bwwlAN4ydBnywzsekDihtB4xPu6rxRi8Fp-iNaeBw4_YeAeFOO8cf5L2Qg2EIXlnQq-hPoDQjQrCDjC8Ii1KOHsaaLvKyLujSjrbC0EgGkKQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 06:05:06 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK39c967f7-66ad-468d-a90c-8b561ff13e8d",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f9137611861",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 06:05:06 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:VYTBPO+z8bmI3yInngklxv2/Dpxn0HjbN7UzHjz3EKU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4C2423A742E2824686E75E53D1E5C613~-1~YAAQJHYGF6vi/ISEAQAAkdLWvAhb6N6L4eEaedlcAeUpbfG2DAadWL1Ql+7SIYQuYK8KTdSCh0Vfj9OG23+VgcXbWNMvBSltuWBDe2Rm97tojq/Yd6ZK9btSES/DfI9xBzkCfjKu28uxZOMa4llwxN2ldHMri0DKSDqlfHfWYCZaJm95kyjTjGwL5u0//9FoyfoTEnJIRgME8fqyfT03+D3wvL4pz2xqQc+yvUPbxhFOeftUROeKtYvrSKlyd+vi8An9JG+RP7io1tWRVJ81r44INTomHqujKZuEgXx5+Jy7iix8XR8x3pEXbWaurV85ZNG2eoVpkw72O7ruar/Kw0r6vEv4g1BpfsHvQoJM0o/ldqJLdS0lOeC+pjDRszz0667B2Vo\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d0289B372C03B5B07B66136DD7AC82B87~YAAQJHYGF6zi/ISEAQAAkdLWvBEe2oTQBomylz9Q2TApaMndAe7eloOklz698aG7ihzilJn76aorAvy/pKnXj3DReSueMWbyH41OUXV0KGF7TnKcLQRzMuxRBR6Lm7BZThCtFYJXMVGTsDqTFo5/Sxn+OEU/QHTxRZNI2NMVCcYNuRldxdB5/4TLIGn98kSnFm2CgrIrjpSnUGsPh1p4wOgQJU1sHcgtQvPZTRS09vwDcC2eRplOnq4RfGHR4YF2XbMRlQorFRZHxkPpVyd+8I76KWFnQ7qoZGZP0uPOtVZg7/R+eMj9i7WdkMKg~4600389~3486006; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:05 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d154",
    "origin; dur\u003d130"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"E6rW901-NlqIQAg9U0D6sAjVc0mcUwOOliLhiBKlnX8.ot9mKTbSyDVVB820Jw04QLeiTaG3D6oaIOHIxZbjoYnjkwIaMZdsuRvunzFTqk1NAbMi_ID5Te0PoeRKP81l9w.M18xNjY5NjE1NTA1XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDUmI0ZkZEcHJFdzdrM240ZU1zVzl3IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNSwiaWF0IjoxNjY5NjE1NTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI5YTUxZjlhMC1lMDUxLTRkOTQtODU3Ny0wZDE1OTI0NTVkNDkiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiYUdzZ3JGaXluWVFDcVFCcFFLZV83QSIsInN1YiI6IjYxNjAwMTdONjcifQ.l2y5e4ID1ixpfcq7p-LRSslKmD6bDERlfO1p3cFE1Jsbl7PSQSggDAr1RY_EnyXaYPo12CNwna7gHIRCZNVF0GXAhdqGZoCmWQAhNUlhHmk1IEDeseMMubQTDRTNaEGG8jiEmrhLmreGJvd3jAKQF2t_TpJqIYp9v9ZNrNY6qN5-P3C_Wm34xx_1krLHjc98NXFjPNFQA7oy_ib8f20AXVIfwdkNnUAjK38oHC1qTEgpqWZ7mBu-PXmMEUgJ0cGgZALIX8-mGymPEOjzHGafMWDPVEF3JQIPtl_wlevDei4ibhatESZn7FTMeUbJLVxmJ7qOviDM-aamRGEznbhROQ","refresh_token":"Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 06:05:06 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
E6rW901-NlqIQAg9U0D6sAjVc0mcUwOOliLhiBKlnX8.ot9mKTbSyDVVB820Jw04QLeiTaG3D6oaIOHIxZbjoYnjkwIaMZdsuRvunzFTqk1NAbMi_ID5Te0PoeRKP81l9w.M18xNjY5NjE1NTA1XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDUmI0ZkZEcHJFdzdrM240ZU1zVzl3IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNSwiaWF0IjoxNjY5NjE1NTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI5YTUxZjlhMC1lMDUxLTRkOTQtODU3Ny0wZDE1OTI0NTVkNDkiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiYUdzZ3JGaXluWVFDcVFCcFFLZV83QSIsInN1YiI6IjYxNjAwMTdONjcifQ.l2y5e4ID1ixpfcq7p-LRSslKmD6bDERlfO1p3cFE1Jsbl7PSQSggDAr1RY_EnyXaYPo12CNwna7gHIRCZNVF0GXAhdqGZoCmWQAhNUlhHmk1IEDeseMMubQTDRTNaEGG8jiEmrhLmreGJvd3jAKQF2t_TpJqIYp9v9ZNrNY6qN5-P3C_Wm34xx_1krLHjc98NXFjPNFQA7oy_ib8f20AXVIfwdkNnUAjK38oHC1qTEgpqWZ7mBu-PXmMEUgJ0cGgZALIX8-mGymPEOjzHGafMWDPVEF3JQIPtl_wlevDei4ibhatESZn7FTMeUbJLVxmJ7qOviDM-aamRGEznbhROQ
refresh_token
Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4
scope
openid
token_type
bearer
2022-11-28 06:05:06 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 06:05:06 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 06:05:06 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 06:05:06 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 06:05:06 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
E6rW901-NlqIQAg9U0D6sAjVc0mcUwOOliLhiBKlnX8.ot9mKTbSyDVVB820Jw04QLeiTaG3D6oaIOHIxZbjoYnjkwIaMZdsuRvunzFTqk1NAbMi_ID5Te0PoeRKP81l9w.M18xNjY5NjE1NTA1XzE4
type
bearer
2022-11-28 06:05:06 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 06:05:06 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
863.9921287100508
expected
96.0
value
E6rW901-NlqIQAg9U0D6sAjVc0mcUwOOliLhiBKlnX8.ot9mKTbSyDVVB820Jw04QLeiTaG3D6oaIOHIxZbjoYnjkwIaMZdsuRvunzFTqk1NAbMi_ID5Te0PoeRKP81l9w.M18xNjY5NjE1NTA1XzE4
2022-11-28 06:05:06 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 06:05:06 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 06:05:06 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 06:05:06 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
LHNfQWhdrRD-2EDWPsXoagcduOv6hRdVehBW44vvWxw.Ze6ssN21irkG5QDOSoh9_eFMrQE12WQ9tDSgCXz7C2k3QL3R24DyU-QkYC6BPXRQuB2iSt92ilB_Y7swbDoSJg.M18xNjY5NjE1NTA0XzE4
second_access_token
E6rW901-NlqIQAg9U0D6sAjVc0mcUwOOliLhiBKlnX8.ot9mKTbSyDVVB820Jw04QLeiTaG3D6oaIOHIxZbjoYnjkwIaMZdsuRvunzFTqk1NAbMi_ID5Te0PoeRKP81l9w.M18xNjY5NjE1NTA1XzE4
2022-11-28 06:05:06 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDUmI0ZkZEcHJFdzdrM240ZU1zVzl3IiwiYXVkIjpbIjVhMWY3MjIzLTAyZGQtNGUwNi05NWQ1LTBkOGVkYWY3ZWE2NyJdLCJhdXRoX3RpbWUiOjE2Njk2MTUyMTMsImV4cCI6MTY2OTYyMjcwNSwiaWF0IjoxNjY5NjE1NTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI5YTUxZjlhMC1lMDUxLTRkOTQtODU3Ny0wZDE1OTI0NTVkNDkiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjE1NTAwLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiYUdzZ3JGaXluWVFDcVFCcFFLZV83QSIsInN1YiI6IjYxNjAwMTdONjcifQ.l2y5e4ID1ixpfcq7p-LRSslKmD6bDERlfO1p3cFE1Jsbl7PSQSggDAr1RY_EnyXaYPo12CNwna7gHIRCZNVF0GXAhdqGZoCmWQAhNUlhHmk1IEDeseMMubQTDRTNaEGG8jiEmrhLmreGJvd3jAKQF2t_TpJqIYp9v9ZNrNY6qN5-P3C_Wm34xx_1krLHjc98NXFjPNFQA7oy_ib8f20AXVIfwdkNnUAjK38oHC1qTEgpqWZ7mBu-PXmMEUgJ0cGgZALIX8-mGymPEOjzHGafMWDPVEF3JQIPtl_wlevDei4ibhatESZn7FTMeUbJLVxmJ7qOviDM-aamRGEznbhROQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "CRb4fFDprEw7k3n4eMsW9w",
  "sub": "6160017N67",
  "rat": 1669615500,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "aGsgrFiynYQCqQBpQKe_7A",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "auth_time": 1669615213,
  "name": "ISV Dev",
  "exp": 1669622705,
  "iat": 1669615505,
  "jti": "9a51f9a0-e051-4d94-8577-0d1592455d49"
}
2022-11-28 06:05:06 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4
2022-11-28 06:05:06 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 06:05:06 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
855.3371066779974
expected
96.0
value
Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4
2022-11-28 06:05:06 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669615504,
  "second": 1669615505,
  "note": "Values are expected to be different"
}
aud
{
  "first": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "second": "5a1f7223-02dd-4e06-95d5-0d8edaf7ea67",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669615213,
  "second": 1669615213,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2022-11-28 06:05:06
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer E6rW901-NlqIQAg9U0D6sAjVc0mcUwOOliLhiBKlnX8.ot9mKTbSyDVVB820Jw04QLeiTaG3D6oaIOHIxZbjoYnjkwIaMZdsuRvunzFTqk1NAbMi_ID5Te0PoeRKP81l9w.M18xNjY5NjE1NTA1XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:05:06 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKcea4965a-3438-4796-b80d-95a1f4ac22cb",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f9207f0df53",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:05:06 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:PyWulKURR5v/j2GawFXTUb83xf5hznMGfh8U/Bg5hDQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dCD2FB6CEE968D6D4FAEF27B7814DDF91~-1~YAAQJHYGF/ji/ISEAQAAytTWvAivhzeNQQu5D5eNRxvU7yx1/TAu/bKCV370lWjyJp5U6JHVzL3dTqFC8C0Y/d485n83ncp118JKroH+8bs5lVOmqOX+8Kvkq7eaDYJyddQCDAJgvLH4Fdc3SB6o7OwNTfWd2X/kdY2CTEY1bBOeYCw13ylIj/ylYuMNWRARPc0+x4YEDzT8dGmFo3Fz7ROZzo6AqkBxNnpuWOvcphAOu71PhIpatg0lLFrOR4BU/ReC8P4CmNIpAKQZk0s3ZVLzP3zWO/ctPhJiUopEks9syEEdtGDZcw4mJuQUwiH1jejSsxFKQ7NVW0ajxNVHu7pVwKgIuXHp5+BHopTuY2z5WVWNn/G124f18+xWlybZyFU+6BM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD0812937AA4DB6C181FF0C0B85982A6E~YAAQJHYGF/ni/ISEAQAAytTWvBGsuADN46C9zi/myP/Uz1XsWMpUXIMjG9D70IYwqWFJvljuS7j2mPx1abQ4T691YQzfuyIx3HdkmAQiWH27xdAZ5jv1UF8WEf0onsLXiWmWyoxTMntrnDbGqNXVkJxJSpc6gaXOTqhgL71VWzwGY9yOm2+J57lp/SAO3UScfDkOIte3nZ2fJnzWP8A0tZq8j5BJ3e+r+gDyOjAfEh4ROr1ZxBDCP1IE94xVd070xbsv8Znq2PHXiEDokELx0f649S+puvyZJ8ng63N6ML2D6Dc6OGsJQ59GijNN~4601908~3486789; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:06 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d196",
    "origin; dur\u003d105"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["5a1f7223-02dd-4e06-95d5-0d8edaf7ea67"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615500,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:05:06 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKcea4965a-3438-4796-b80d-95a1f4ac22cb",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163844f9207f0df53",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 06:05:06 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:PyWulKURR5v/j2GawFXTUb83xf5hznMGfh8U/Bg5hDQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dCD2FB6CEE968D6D4FAEF27B7814DDF91~-1~YAAQJHYGF/ji/ISEAQAAytTWvAivhzeNQQu5D5eNRxvU7yx1/TAu/bKCV370lWjyJp5U6JHVzL3dTqFC8C0Y/d485n83ncp118JKroH+8bs5lVOmqOX+8Kvkq7eaDYJyddQCDAJgvLH4Fdc3SB6o7OwNTfWd2X/kdY2CTEY1bBOeYCw13ylIj/ylYuMNWRARPc0+x4YEDzT8dGmFo3Fz7ROZzo6AqkBxNnpuWOvcphAOu71PhIpatg0lLFrOR4BU/ReC8P4CmNIpAKQZk0s3ZVLzP3zWO/ctPhJiUopEks9syEEdtGDZcw4mJuQUwiH1jejSsxFKQ7NVW0ajxNVHu7pVwKgIuXHp5+BHopTuY2z5WVWNn/G124f18+xWlybZyFU+6BM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD0812937AA4DB6C181FF0C0B85982A6E~YAAQJHYGF/ni/ISEAQAAytTWvBGsuADN46C9zi/myP/Uz1XsWMpUXIMjG9D70IYwqWFJvljuS7j2mPx1abQ4T691YQzfuyIx3HdkmAQiWH27xdAZ5jv1UF8WEf0onsLXiWmWyoxTMntrnDbGqNXVkJxJSpc6gaXOTqhgL71VWzwGY9yOm2+J57lp/SAO3UScfDkOIte3nZ2fJnzWP8A0tZq8j5BJ3e+r+gDyOjAfEh4ROr1ZxBDCP1IE94xVd070xbsv8Znq2PHXiEDokELx0f649S+puvyZJ8ng63N6ML2D6Dc6OGsJQ59GijNN~4601908~3486789; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:06 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d196",
    "origin; dur\u003d105"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["5a1f7223-02dd-4e06-95d5-0d8edaf7ea67"],"auth_time":1669615213,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669615500,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 06:05:06 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-11-28 06:05:06 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4
2022-11-28 06:05:06 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4
scope
openid
2022-11-28 06:05:06 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
95fc743f-0686-4dd9-aa89-44be83f60057
sub
95fc743f-0686-4dd9-aa89-44be83f60057
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
FoRmlKSumzU1Mu0w1X9y
iat
1669615506
exp
1669615566
2022-11-28 06:05:06 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTY2LCJpYXQiOjE2Njk2MTU1MDYsImp0aSI6IkZvUm1sS1N1bXpVMU11MHcxWDl5In0.jxCkT7ymmrnaTErUXcgd2OlFNwNhIv8e-w0fIyHV_cBFlb8kUElCMREapl4D1fHCQxLMS3WdEnlGfBYCXU2hcQYKvqlqnN3QPCcCAh71iOhtdLfZXFHXE0vzfJ0nstPlJUd7jzHZksBKhmrQ9WTh1ZhdQjiIIE46CWoz1LVB5chOGC1AMOsH2gwYsxtNKMWYVIPBhw5sCMeiRRNe_HRyItxdCWEUDdbTCHyN6nprgDoRAqYoFtlo-Pk0qFo0Eut2ZTVJrYY7THgM6_zCzPROLN3Ni-R2X7xP4WKEMhbfXDZblN5Ak2eVz8EzzEpb-OCMx9eicckuWVACRDMkWkm8vg
2022-11-28 06:05:06
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTY2LCJpYXQiOjE2Njk2MTU1MDYsImp0aSI6IkZvUm1sS1N1bXpVMU11MHcxWDl5In0.jxCkT7ymmrnaTErUXcgd2OlFNwNhIv8e-w0fIyHV_cBFlb8kUElCMREapl4D1fHCQxLMS3WdEnlGfBYCXU2hcQYKvqlqnN3QPCcCAh71iOhtdLfZXFHXE0vzfJ0nstPlJUd7jzHZksBKhmrQ9WTh1ZhdQjiIIE46CWoz1LVB5chOGC1AMOsH2gwYsxtNKMWYVIPBhw5sCMeiRRNe_HRyItxdCWEUDdbTCHyN6nprgDoRAqYoFtlo-Pk0qFo0Eut2ZTVJrYY7THgM6_zCzPROLN3Ni-R2X7xP4WKEMhbfXDZblN5Ak2eVz8EzzEpb-OCMx9eicckuWVACRDMkWkm8vg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 06:05:06
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=Pt16xe3yjUaBer5NsJ_oA8yjOksQdwj5MMJRhVr--K0.RiBEw1tJXwzoRAm1tGZaZYH9pECflXqOzDmlpF9rsvsjrsWl90PYUr6CCGm234KR6HW-UhVNvXfrD2H5HELlCw.M18xNjY5NjE1NTA1XzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5NWZjNzQzZi0wNjg2LTRkZDktYWE4OS00NGJlODNmNjAwNTciLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOTVmYzc0M2YtMDY4Ni00ZGQ5LWFhODktNDRiZTgzZjYwMDU3IiwiZXhwIjoxNjY5NjE1NTY2LCJpYXQiOjE2Njk2MTU1MDYsImp0aSI6IkZvUm1sS1N1bXpVMU11MHcxWDl5In0.jxCkT7ymmrnaTErUXcgd2OlFNwNhIv8e-w0fIyHV_cBFlb8kUElCMREapl4D1fHCQxLMS3WdEnlGfBYCXU2hcQYKvqlqnN3QPCcCAh71iOhtdLfZXFHXE0vzfJ0nstPlJUd7jzHZksBKhmrQ9WTh1ZhdQjiIIE46CWoz1LVB5chOGC1AMOsH2gwYsxtNKMWYVIPBhw5sCMeiRRNe_HRyItxdCWEUDdbTCHyN6nprgDoRAqYoFtlo-Pk0qFo0Eut2ZTVJrYY7THgM6_zCzPROLN3Ni-R2X7xP4WKEMhbfXDZblN5Ak2eVz8EzzEpb-OCMx9eicckuWVACRDMkWkm8vg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 06:05:07 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "x-backside-transport": "FAIL FAIL",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKecfd8235-ebc6-4efc-a956-d5abfd2a9e01",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f933760ea11",
  "content-length": "157",
  "date": "Mon, 28 Nov 2022 06:05:07 GMT",
  "connection": "close",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:93pN8ATL/nbp8cAhCTn0Al5UsQjbA2qWEvqZlrZtNQA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d2CC4660FACEFA27A4A2CE6C1ECDDC172~-1~YAAQJHYGF0Hj/ISEAQAAqNfWvAiBK8DwI8QDFDDy3vFXwPw2cqY9Y1I+VEzneIQYMLwRSwqJyFMIkg8lg7yscyGwNjVXGL70FMBdCpFCk0s8YAF1M5FMjIZ853G98EOdZOUzEkOpBfIz2GPISbmcfBbyHGHRjU/yTFcBwHgCAcT+eSCDsQuLpg8NdJwmsBBMYRzwRqKWLzt9RK/uiX6r97eyzjHNRTAi6CHp/SysA7fnQ3SSWaDYzCAsfmm8qk+feInspEAQm9MHyCjKDBtoqtj7ZkHoznjJE7QTjY/ov415JPQLi+I3aFthcocja4Np1H/Im61+Ds8/gwRB9e0ldj6xhdbSNv3TdQ3Ww4e0btjoMyeBh7fD92pnYeI6WKUZUV5HOUY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD6B117317F91F0C34B5ABDFE873F1554~YAAQJHYGF0Lj/ISEAQAAqNfWvBHm+lTITsEn2Z+HCA+/rLqzKeBXvDuuAuXa3ctKL9CCgCvmj81Av8IKeBctjhujARv3ko4YFBEIo2Y4gexfDhuzgD8wNyMw/2pa3kxe+ahqbMpd6CK4uFBK7ELUTRUm11RXvp8fJzdxvHjP6xtqD9f1i3K5P76dNRdzz20HLktjoqIvDCzc1j7A+m7onPg0Y+TxmSilWj9X8tZwFR1RO5ytQ15PJKhkNtx2x+cJS/lhiOOZchyoUkckvxvOjaOxlHNjle3Y+Vk6Pz6rMGT1SSUvVJrP7o8POp5T~3160129~4538678; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:07 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d161",
    "origin; dur\u003d104"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."}
2022-11-28 06:05:07 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance.
2022-11-28 06:05:07 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-11-28 06:05:07 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-11-28 06:05:07 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 06:05:07 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-11-28 06:05:07 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-28 06:05:07
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/95fc743f-0686-4dd9-aa89-44be83f60057
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer nj_VBoyOGTTKl_P1KPtXszkYZj7yG3_X5hcpzbTCKIE.IbNRvpooiZ-m9nLCgduou1O1gokh8dMZNDSNH1Yd8KeE7qLJ11bFnmbfAgH4SJrIl_6Z01kXb6AGwOn9ET10hA.M18xNjY5NjE1NDcyXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:05:09 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb2083aa2-2fbf-4178-b1c2-d3199719ece5",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f933760eb21",
  "date": "Mon, 28 Nov 2022 06:05:09 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:UGfB1Y6puSVaqt7Wg8/t4uhsmb0vZjNAOUUTfbogFZs\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d29A984A42947C981C7AD8B70DA0A2BD4~-1~YAAQJHYGFxnk/ISEAQAAsd/WvAgil/SYUwslvxuoW+wXQ/avYRyg7ctmnXjHtfZo2qGx1U6TqnfoTFCbaGvxtx20pEEr00XLUwkwsN1GX/nBb/CbACNHoo3wGPzSjYqxkI9KRWVUQwlWx5mrlId8k1oUrgK6QJEVMQBWnXM+a6stwoFUz5Ukajb+fgD0AZ5p4dk7sTJpr2PqGtQeI5cO9eZ/CeLkFSzQrfwGslgmxFBE7A0mhLyKmgOwTD+LP1BVdujuHysQLe1OHesIJn7MwOm1mfw2UIZVquSCvNDRiueVlUSLOdRAaXlgy6FMBqs9j4voGcFeAMN7F8RvFfwurxRPv6Fb94cKfIWSIghnFpbFJpDPVixI2ZyM/q6FIH3ZWI9fqI0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:09 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d7F5D89EC27964B6D28C0F71F5F55071B~YAAQJHYGFxrk/ISEAQAAsd/WvBHVujKL16XbVTtQNVAr2zV55qrfwd7kOm9WMzQFam5PPe/Ka5cRLPp7+TLPrpkNKSk+iSncGVB2vinqzfJWGIiecNjXxMTF4gv43ttgObti49d3ojhFbH5ikS3Iiif/vDF7iG4VbRMaiqrI66LMx/KmnS92WclKY7FQCk/bO94XVqe7h3uk/AejYF056U4GasHWeva6GPAAX/ngFym1zZ8qesIAH3Y8w/6yr53OsTWF56bYcBDptE7ZLA1WCmAvUujMudL6QknY4dURHR9TWgekGHAtOSCDICUb~3160129~4538678; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:07 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 06:05:09 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-11-28 06:05:09
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a1f7223-02dd-4e06-95d5-0d8edaf7ea67
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer awaRMhACOaMsGS7bx9sr_wuoHw5Fp5XX2J7KgDvtY3w.5mWvaw48a4XQAA-6f8ye-sdYz0khERLGP50o5BdAttneueuePLwdjQU8CHWLB1sLLoMcr0ZKZ3heWhgg7QzRbA.M18xNjY5NjE1NDc0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 06:05:11 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK85db2e12-9e29-4d2f-9123-5b5688a26327",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163844f9508353a9d",
  "date": "Mon, 28 Nov 2022 06:05:11 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:r/SIB2ITNCm9cXLalCJvQ/3V5HKCaJjLN6d1bQxrXkY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d87D012E33EB0E6CCAD904B9F008AE46F~-1~YAAQJHYGF4rk/ISEAQAAF+bWvAhxuMPDzqgUbRuHfiUVyRJDz3sFkzsbsEHT4ysmCexeKOCoHaLc2C+XyF2bAiN1EdJuo/HUmINHTe43wgqwRe2Xxof/8Fp0C917dNPSq2LPotYbsLAEMUkdfPJANDtfJpcoHYHbKJsNKuGm6R9jpJfeath0PZiHFljrcVJ5BiS+18YQqVEM1Hv04SCiecTUyzNwkrH14Rs9085hAxmM2ynnqDUzKXjo7F19WGH5GNbVrj8mFzAJmFmOkBathLh0vNIKX3Y3YmxVogHGNynZe18noSZvaNUPOgxHOmmvkZ9xhChrxdsVh+vdxoYMC6c/tSjtiRE5y8Sn+t5KJvVW3KQko2C0cM+pv0a5UIDig6jAoqg\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 06:05:11 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d5DE8026BC59FC1A63E69D4D814D11770~YAAQJHYGF4vk/ISEAQAAF+bWvBHxlnj+z4aPthAipJEEuPHI0USQkWnHP+5oV/w7azMLqSMyA6IOg03f3UnL5v12q0gnL7kEDmd7tvgCIX7P7a0+ha/vwjzUEIjTWPbfIiJCTq6MlN2nFSiw5fFDrhbAQU/y6t7dNmyXnHFCbADo7Hy+SA3FUWwVRf36i9IRTXlDynglVE6xkTshDTIyKYJ2CgZyAgoUMuSY8k7LhisbF6GEgKOaItaGz8mFeYzk3E1Xu+AE6DYrM81hz8cZSEGj8ptQcdxwgiclwcdFESbavBxwzm2wmvHG+umm~4339782~3749187; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 10:05:09 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 06:05:11 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Test Results