Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-28 04:41:51 INFO
TEST-RUNNER
Test instance 6ZF2SOP4RriVh3E created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
SoSRIsRewAttb
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token
2022-11-28 04:41:51 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 04:41:51
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:41:52 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1b8e2dbf-58d6-4b29-aafa-bae30c075637",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843c10371bb071",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 04:41:52 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:r9jacnkRQ509kmRjinr9vWg6jSmz/mfiBsp9VXcrX4k\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4B15A6F631264F45C54C3A2E1816AF85~-1~YAAQJHYGF91a+oSEAQAA8p+KvAgMO/DMyrdFCKOYpiM/FX2OkK0/tjkJFwqBNWRfMnRZtS1euykHiF93Ba/pZT/nfesrmqYTZ3EYZkkEyOImDV7KUSLmgjUKZ1aT2f8JutTIyCs2xld0diC13Ec+pi5LI0FaYtDMNxGvb9JzpdZpYtRj5st54hQ7kZa4C2C2Cmk0bjxn2l6q1ApIq9L+qSnM4/2vhOlskjKHZuQo586AJWUuC/tNrZ2YLJ7e6qQUU8o4bOyT4gmC/jkv8vlUwGaIa2ZroWNxAcHDVPy0yJDN5rTMsh7flO+HsJtLW4sJm4medx0wap4FVacAycJI5xFUnQHjx4ml/T2aYY+/kNGVGxfTcfkSOtZC0cKKUWWGdcFO3DM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:41:52 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9F960352F3453730F4DB580D6C9236E9~YAAQJHYGF95a+oSEAQAA8p+KvBFn4AiSR4Y5frxcECwIz7aQY4QilP9TMk4q/2eBGKGxN8kaEniwG3s9nX5eFE7oEN/G9bhm+bJZbN27gMJKIlFi/ujoSxMoq/RvZ+l1YohwbRZhIPlj/WgNV4/wvaVDTWDleYfg+NNEYnSz5aUjW3RzvrHIcqzCYkTrvi1ZFbqsh9IUII1NfeDG5rzmYykET4mTvChaXN6q0SQzsSzu/3kGcXQThjdWmag0vgWvjnZ2cPZJp7REpjTTcxLuqYdqPC3wW8RVEOnN2U106EHbZod4ubFIHo93u6As~4471106~3487029; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:41:52 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d100",
    "origin; dur\u003d206"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["email","name","mobile_number","department","upn","preferred_username","given_name","tenantId","employee_id","realmName","groupIds","family_name","job_title","uid","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-28 04:41:52 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "email",
  "name",
  "mobile_number",
  "department",
  "upn",
  "preferred_username",
  "given_name",
  "tenantId",
  "employee_id",
  "realmName",
  "groupIds",
  "family_name",
  "job_title",
  "uid",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-28 04:41:52 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-28 04:41:52 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-28 04:41:52
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-28 04:41:52
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:41:52 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK4e61a195-32a7-453f-9c65-71cd52d76f31",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843c10371bb1c1",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 04:41:52 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Iur01hYIxyn6hOr/JGVVz9azUlSiw1lEzvYQJQQq0sw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dEF62F570B0502EF8C0A5A3D40F5F8365~-1~YAAQJHYGF99a+oSEAQAAZqGKvAjcWLaU4ZWx71HfgsXSKfIac3hr7PgWBs7rBlTnRm9zjDmkiIjxXCTr3/XGWgvvgRuR/cyUkPnDo+JVF7z6D3IvCrxBwSMA4N+tPV42Jc5Nkty+Wff64mb2c3UuNG5sEJYpJ358goHDbkE1qlOe1r7JMzKuv7KEor5zu46sYG0wZWe1/aqFwyuXiSw/mUp4N79oYsoYK0zXGFFrBkf5kEjb4DV6HgpcDiz3vAr8EmYbdRGG/9uskEKVZyQDrrpjFOkyAMKcVzM17lHwWRBAWUxzjN1p19CEejzhclHWRQ2WkdsSoJ/cNi9mM8nZ2EcyBX4lIbfgTuXuYZgYqPlUGB5L+oM9Tx9RG1owkbanennsAjk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:41:52 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d66F6BD44890250B86E8F3FA3150FE94D~YAAQJHYGF+Ba+oSEAQAAZqGKvBG4P/hy/3ZIdjVEjtl2pAsT2crm/YrrTKNrzPdtYS7cwUbirsCswkOBxiug2Ko3eDmCycNiRVqp1hM7yREoyb78qg5WNaIvYWJpvnCNMZVjiIQJC5ydakn7UNEOF9Tl5BgB2/kqGcJFbOX2g32TG50VO9DlGYTf8GYODf53JAg0K8Cjho4BeDLjMJevYlCN8QVaQes7SZVJv+KmQ4hrX9Y2D9WJxWqo0Ofag8OQ0rNeRLJAibliZdCaFOOAA1EIw+4rP2IH9lZqdlWx695fsorbPn3sn3srJ7t2~4471106~3487029; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:41:52 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d208"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 04:41:52
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 04:41:52 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 04:41:52 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 04:41:52 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-28 04:41:52 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-28 04:41:52 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 04:41:52 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-28 04:41:52
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 04:41:52
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 04:41:52 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "9-ZrFQhS3jxJ4rswsz9Bz8cZIUuTAls53ivpHFh-gye6dK3jGdIx8MJcaB8PY-nQudpFcdlxcrKzHOoDn0P2m8uzdVJw-yKdNQ3IP_HJoJ03uzwf3UWKp6NyBSwU6_ujk6QwitU6FdpOdrO2GKYw3Ge2i06dv2D5lputiHm35J8",
      "kty": "RSA",
      "q": "sl1s6n1m1f1kLmNczq3zzAyEYPUWzKPcSD5nAv9nZ4Na0t9FtJ3onr9fiyRXsuJKYRBoI9pDAFkQRAAY0H2f11tqVHvfW7JtTwy23prvrlLelJn2NrF1rI0DPoAp9L8cnUfQ_LqhLbvcvNbsI-EWwBTnKpnrynp0DFVYBV08WFk",
      "d": "AwJ82Ijy4DNMo_NRUaZysDTwiLJu8vDQCWpCFHRsJ3_91lR_Cv4Mi2DCa575CsPpAs-cgz9F_SAuJlZwWSdqDXQZJIFqf38s9dUp7r9WbmRSycb84XNd6Ft_I_4gpS0AsDv2NpUE6I2s2BRGpm72DWQ2dj7csuFJSgFSXAdQrbhDZCNJJVzfcF5qK1KU9lLuAHOR22DOtBCRIi-dRhKxFWF-z4WcSz_oXynRXaKyD8Ymsk_rqNSiYn0IpQ1tqwcuzSZKlXbBU0eK3kMByjxQkKmnhuP_IhQ_jyeZwoH1HRw53CJe-UUxeMv5Tx48aCtXiUfWtRFLWLlpjrhg_Npo4Q",
      "e": "AQAB",
      "use": "sig",
      "qi": "1azEPSwKNrMitZGyQtQ613J3iyuF_nHWqmkySbgiW2yxHcTqcX3T3cUaiEQujXW6C8IXwMwdoDhEDxgQfjxEm-RI23l64TaYbg9JG1JnkP9NFhrqqTz_OymvOaP39qOWyooKUvnNA_NljkcSPp3SCYpunO0IGCNcRxM7QkxLJ6o",
      "dp": "OMyqrF8D3beiljidp_ROd_T-ZQqT3G5ai_UzrDL6icKIjkNpTXlDyA5Abfrv48ym7m58iuFvhQA82dskiVFhJ8E8lR0WlfQQYR-PSld0A0ECi_vysRhF9LMWZOj8wjUd_a4ZETZZ4LfsUnZKussZVubMhI62xirKBSAWWrbI07E",
      "alg": "RS256",
      "dq": "osGxkz-eyQGRmuq8UzRUVQvO-BJtHYsghSO8J_Yay1AHXoiyOKAnFkSW0Ib3J5pqOKwZ-y09GmIq_4H_IrCfXIpkOndWV3w3VnzJmdNThoTD6mGbVEkWkb-TCEM3BcgmOjbAMv2x-eOFByQvEoZgliH81tjhWj_nCSIPUcXEPPE",
      "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
    }
  ]
}
2022-11-28 04:41:52 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 04:41:52
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 04:41:52
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E
2022-11-28 04:41:52
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 04:41:52
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
      }
    ]
  }
}
2022-11-28 04:41:52
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 04:41:52
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ]
}
2022-11-28 04:41:52
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 04:41:52
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 04:41:52
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "refresh_token"
]
2022-11-28 04:41:52
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "761"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E","grant_types":["authorization_code","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 04:42:07 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKfbd0ad23-ba6f-48b6-98ac-c8ca61eeac0f",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c10218a7175",
  "content-length": "1429",
  "date": "Mon, 28 Nov 2022 04:42:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:31c6zV/UyXkRrEzZjeijE1sYsdIgzSfNlqF2zjr1OBI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d7105BCEA8693AE0BAF0FD9F488A695F2~-1~YAAQJHYGFwNd+oSEAQAAT9qKvAj+5HIyFSuF/sAasVYXWitSCMupHB8+0ThRNlRSi7qbDAUATOQlagN2aBhHQgzq+CMoSwPk/I3fRfgewNt8ikS8eWTXZ4EgfaJB0U9tkVGCON3utXtTylPv0coq6/BtzWXpeQ68T3653R694CzlXkzQZkpEE3qkBpl5dSFCCWTFoI+toSQC/wAeV4JhDaZc9fUxp68HHvwKHyWVAbsYBqdcHQLpmy4gE3N6hmCGQdkXd0Q3JWTQYTLbGy5dteuWRYos4SP2PDfxZe/1lZyv46EVJIl4d4q6uJpGSZAUX1CFLlu6iueBLwwaTpGoecSTKoce62ib9JfVZ3bU7wCKYbOb9qWYuLwGz35tZl7dv4XXMgE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d715302C7B6DC61605BA731A8402E7424~YAAQJHYGFwRd+oSEAQAAT9qKvBH1UvwoUgQdMSFN5O1PCXOM8MBq4QzZQaGk5CHfXbJZvxcKvajsIv56tE9DV4f7uCWImrJFh4s0KQwE5NsxvIZJE9NdTY7Abzf5TenkAVSE6R4cghBe7ScLaZXQgcdkoRahrCPEU7HeBIeJsGBZo4QJP6x9J0Q2iUQYFw8lqShrzHnWnk2Uizgn0OdIWpRQKccV45giXIozKXgaVpl1ELeZz1krQ3LqGQpuAscC7N1g8kxkrL8iDlRJWklfoRA3ab2Kuidf4UApAcG/MRfxkkgmImuIjzEjdLe7~4471106~3487029; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:41:52 GMT; Max-Age\u003d14385; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d342",
    "origin; dur\u003d14065"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"8be5f65f-bf8c-4d8e-84bf-c8263cdcb364","client_id_issued_at":"2022-11-28T04:41:54Z","client_name":"Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E","client_secret":"nOpwk8o7dv","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"ZmlgtNvqRYagzJmS0HH2dHO9US37zMllQY8ONYSBnWQ.eHX-nyA5vnmqdZtmbMHckwF_927V8yeYoDqLMq1iA1CrxMcdmyuuhwi4LtfhcDmYYjcWfPa2gGMjwo3Qnyw31A.M18xNjY5NjEwNTI2XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/8be5f65f-bf8c-4d8e-84bf-c8263cdcb364","response_types":["code"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 04:42:07
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKfbd0ad23-ba6f-48b6-98ac-c8ca61eeac0f",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c10218a7175",
  "content-length": "1429",
  "date": "Mon, 28 Nov 2022 04:42:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:31c6zV/UyXkRrEzZjeijE1sYsdIgzSfNlqF2zjr1OBI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d7105BCEA8693AE0BAF0FD9F488A695F2~-1~YAAQJHYGFwNd+oSEAQAAT9qKvAj+5HIyFSuF/sAasVYXWitSCMupHB8+0ThRNlRSi7qbDAUATOQlagN2aBhHQgzq+CMoSwPk/I3fRfgewNt8ikS8eWTXZ4EgfaJB0U9tkVGCON3utXtTylPv0coq6/BtzWXpeQ68T3653R694CzlXkzQZkpEE3qkBpl5dSFCCWTFoI+toSQC/wAeV4JhDaZc9fUxp68HHvwKHyWVAbsYBqdcHQLpmy4gE3N6hmCGQdkXd0Q3JWTQYTLbGy5dteuWRYos4SP2PDfxZe/1lZyv46EVJIl4d4q6uJpGSZAUX1CFLlu6iueBLwwaTpGoecSTKoce62ib9JfVZ3bU7wCKYbOb9qWYuLwGz35tZl7dv4XXMgE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d715302C7B6DC61605BA731A8402E7424~YAAQJHYGFwRd+oSEAQAAT9qKvBH1UvwoUgQdMSFN5O1PCXOM8MBq4QzZQaGk5CHfXbJZvxcKvajsIv56tE9DV4f7uCWImrJFh4s0KQwE5NsxvIZJE9NdTY7Abzf5TenkAVSE6R4cghBe7ScLaZXQgcdkoRahrCPEU7HeBIeJsGBZo4QJP6x9J0Q2iUQYFw8lqShrzHnWnk2Uizgn0OdIWpRQKccV45giXIozKXgaVpl1ELeZz1krQ3LqGQpuAscC7N1g8kxkrL8iDlRJWklfoRA3ab2Kuidf4UApAcG/MRfxkkgmImuIjzEjdLe7~4471106~3487029; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:41:52 GMT; Max-Age\u003d14385; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d342",
    "origin; dur\u003d14065"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"8be5f65f-bf8c-4d8e-84bf-c8263cdcb364","client_id_issued_at":"2022-11-28T04:41:54Z","client_name":"Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E","client_secret":"nOpwk8o7dv","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"ZmlgtNvqRYagzJmS0HH2dHO9US37zMllQY8ONYSBnWQ.eHX-nyA5vnmqdZtmbMHckwF_927V8yeYoDqLMq1iA1CrxMcdmyuuhwi4LtfhcDmYYjcWfPa2gGMjwo3Qnyw31A.M18xNjY5NjEwNTI2XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/8be5f65f-bf8c-4d8e-84bf-c8263cdcb364","response_types":["code"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "client_id_issued_at": "2022-11-28T04:41:54Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6ZF2SOP4RriVh3E",
  "client_secret": "nOpwk8o7dv",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "rLiuoc2nfK0_DBh-pdUJHQ72Dh2Cxhx23DL_Q1zxMAEySSdQIzcKobF-9uWyYQ3ZKAqbw9__MVrZjya17uj0_HJ1mXTK2kQ_48hai0TcEo0KyFso5ZqIO37EQb3KCyElfTtH2xB5Zz-HV604pj7gP0ZbHXBLtgVq_lf0pVz20SRvn3TBWVglfAA7pwPuoIUJh8AZje0TyZIo02QtK_QTCOpIOk_FNzXS_0-STNTdETKGLEYDQ6_KRl1pc8RGnJEIEy-peIiO4cn9HEMNyp4jqxezCm9NXm2kTsGvvwMqDDMuws-QcsCHu0GkUZfRd4gbDqIw9KSIEWYT87KL38kjRw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "ZmlgtNvqRYagzJmS0HH2dHO9US37zMllQY8ONYSBnWQ.eHX-nyA5vnmqdZtmbMHckwF_927V8yeYoDqLMq1iA1CrxMcdmyuuhwi4LtfhcDmYYjcWfPa2gGMjwo3Qnyw31A.M18xNjY5NjEwNTI2XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "response_types": [
    "code"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 04:42:07 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 04:42:07 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 04:42:07 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 04:42:07 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
2022-11-28 04:42:07 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
registration_access_token
ZmlgtNvqRYagzJmS0HH2dHO9US37zMllQY8ONYSBnWQ.eHX-nyA5vnmqdZtmbMHckwF_927V8yeYoDqLMq1iA1CrxMcdmyuuhwi4LtfhcDmYYjcWfPa2gGMjwo3Qnyw31A.M18xNjY5NjEwNTI2XzE4
2022-11-28 04:42:07
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 04:42:07
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 04:42:07 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 04:42:07
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 04:42:07
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-28 04:42:07 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "u34GXyFc1-HOQxA7l6vZExCwFCVqhHsHk9tkz1pp7LduswVt4YzufGPUCQlJxuGIUFyZXxj0K7veKqnqFmXyu0LXaOnNpbZYeKLMKxAXOwcO1JnNA2ZxDuP9WK9IY_KBHoT6Nm_JEdSu4c43D4SRmG3GYaeB-8sf7Los0JwMb3U",
      "kty": "RSA",
      "q": "tGoLud2XotpX5KUttSfM-jtuanZRAgMBAH6cQ7BRJy42WQVNHXLnxc6_TlMdFKWx33O-bD_vjynm2q3_D7IVbbiSpaZGFP8y_ftU9dP64S2JjDKUokfnGQf7-8lRpESCXVZDj_yEmZwaesqSn10qk9Bfh2P9dqpXx2JJ1Vps888",
      "d": "SkH1ZuUs9b05n8lzbSUJ-VN-wD3j4PGASQbINLl9BypvA7i998v9SjbDEHuaO2sjWLvSZwGJXbkxYGgf_HcdZac23SNMtikpH5Ld0RmO-xGfEbzhcIx9jJZRGTfFJx6oCgUq18IWskPs17uAl6sknd3EiUgyQGe36dx-20KvyeqF63jDYkUiHleQZwXiF3kMilj3kFi8aq8UvoKm9DIWUAJusmJ7f0_IQOyhXTYWPJwm75TOd0zUdvdEUHteZC2wm5Le_qnMJPlnQTNArdiKTlHvs2ncWUp7LRv2ryCTOiV8Ks5okN-IO8gyrfCSoWbTOG4ri4NgXPLon07zJGJJqQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "oDbMZt5iBBqc9nq0529pTampMWAqTcKBdyxPcAOjskPbl7ANBrwYx5586hhZZOzOMFl9zAXJP70It2Jq02OiDRi7V3_RWmnwKcd06Ho8y_RBYk08EN7Wxp2LNEuZQqvYf-WORYo-apZyNQEn-09zqGYV5Jj23Lj5O2Uk2YlRPsg",
      "dp": "mha_280Kha3hm4Iqx8MHG0EaxOPfP9Pw7VZg6n0PEunKQ7zRio4NrhNJPsfwZ1ARfKIttldGzO6QbxXH-fJ9Y-NSL7n_NhK_cR2ymC2YOf3Z9WYVdJbrkeZT31_nKaUy8scs8DI82LenppKY89rq4ZBOexF0pWBR83cqv6OQIMU",
      "alg": "RS256",
      "dq": "SEa_odt7Vxuf4JKn6A4k2Q6cInx54ZNwgFE4qwlkyYyC61DrXuPcpGs6SteTK-VhiAJnhBhtEW6Y9HyGVTRjz0wFO-WL5_eA5y0cEUu2EyXaF9dfok-p7mY7ddhmI6fqjhf0AygHuz5FgXHMIZoCZ6svyh6tuS9u8QqYR6ftRBM",
      "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
    }
  ]
}
2022-11-28 04:42:07 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 04:42:07
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 04:42:07
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E
2022-11-28 04:42:07
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 04:42:07
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
      }
    ]
  }
}
2022-11-28 04:42:07
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 04:42:07
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ]
}
2022-11-28 04:42:07
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 04:42:07
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 04:42:07
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "refresh_token"
]
2022-11-28 04:42:07
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "761"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E","grant_types":["authorization_code","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 04:42:19 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1794c875-ffa9-4dfb-9bb4-a0ffe16eed90",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c20371be671",
  "content-length": "1429",
  "date": "Mon, 28 Nov 2022 04:42:19 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:0RUz+jn/Wo0zmBjaIV1LBJK5dCj9ruzDwIPHQ0y+ZgA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBC31C6285CBB2A5431CC5058C0D081DE~-1~YAAQJHYGF+Fe+oSEAQAAmwqLvAhdqovRwBVbgGBCuJda6/dFWMjz4sCV4ypExA9VpQ50+dF6WjLEVfPWYagL2CqAGqUYIMyxHyrlXVTtndlcVbwXEQmnt7rNhCFPVYI2+sm7a0n8kB6Q7PdG5M5bqsHgjMIiYmm58JBJizpUkdpM5+LVnRtmR7la7VSDfHnoGr9VlkADwY+FFEsTDHPQN3YAg2WJD9FFyoU8HaTsO8L6QtoKWLTqM8dLNXLUIvD8vgbpWsFxOuIQicmwozButndfviNiNbaljI7Xr9JzaIhvJxtqO7ddRocwyXl7GB8AyOPzZWl6UL12NiuTwWsHuUI2uHKE1iFm8vdyI5NZ6OXKR0DzYajxj0vVu/ILRg4oloegknk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:19 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE58FD6C9850F7BA8768B62D4BE4B237B~YAAQJHYGF+Je+oSEAQAAmwqLvBH+LhU3eV0+Y97TrRn8aOMF9JVVBsjio3oWWzPFoZFqAqBoMYOsr+dfT2+GIJUEXyOUDF66EhA5R3p9oFhFYnQuu/VFD2M/8uYJu0MmB/lE8+SmBp9cWF7m7MQv1+syy/TykoxkCNgeo/s9emKzIDN4PJIK+gXo44T81Nxlv9k85MsGtc9EPzVWy+6YZdm8MJGb8dQUl2Uag412XfrwfiR/xpgqQ9nZtKutGkRpWvGa7TYNsfZoZJgLAMbt+BSynk5O1nDohcSyqzx8OYtpDC/AO/8YbS0RnBW0~3228997~3159861; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:42:08 GMT; Max-Age\u003d14389; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d108",
    "origin; dur\u003d10820"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"2a9314cf-58a2-485a-ad1e-dacae9e30d1e","client_id_issued_at":"2022-11-28T04:42:09Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E","client_secret":"04qjMeGJqH","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"IKqavTJPMDIhhmVZAgmDek5Q19-honKdMuv6iHrJs3s.qvsCtGZ_HhtPPkXQ3zm_vDTVjzNis0s51Trgy_KVAgRoO4aWlZuZyLPcJdeZpCBLNEPFmEBk5vTXSg5lTZJyXg.M18xNjY5NjEwNTM5XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2a9314cf-58a2-485a-ad1e-dacae9e30d1e","response_types":["code"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 04:42:19
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1794c875-ffa9-4dfb-9bb4-a0ffe16eed90",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c20371be671",
  "content-length": "1429",
  "date": "Mon, 28 Nov 2022 04:42:19 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:0RUz+jn/Wo0zmBjaIV1LBJK5dCj9ruzDwIPHQ0y+ZgA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBC31C6285CBB2A5431CC5058C0D081DE~-1~YAAQJHYGF+Fe+oSEAQAAmwqLvAhdqovRwBVbgGBCuJda6/dFWMjz4sCV4ypExA9VpQ50+dF6WjLEVfPWYagL2CqAGqUYIMyxHyrlXVTtndlcVbwXEQmnt7rNhCFPVYI2+sm7a0n8kB6Q7PdG5M5bqsHgjMIiYmm58JBJizpUkdpM5+LVnRtmR7la7VSDfHnoGr9VlkADwY+FFEsTDHPQN3YAg2WJD9FFyoU8HaTsO8L6QtoKWLTqM8dLNXLUIvD8vgbpWsFxOuIQicmwozButndfviNiNbaljI7Xr9JzaIhvJxtqO7ddRocwyXl7GB8AyOPzZWl6UL12NiuTwWsHuUI2uHKE1iFm8vdyI5NZ6OXKR0DzYajxj0vVu/ILRg4oloegknk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:19 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE58FD6C9850F7BA8768B62D4BE4B237B~YAAQJHYGF+Je+oSEAQAAmwqLvBH+LhU3eV0+Y97TrRn8aOMF9JVVBsjio3oWWzPFoZFqAqBoMYOsr+dfT2+GIJUEXyOUDF66EhA5R3p9oFhFYnQuu/VFD2M/8uYJu0MmB/lE8+SmBp9cWF7m7MQv1+syy/TykoxkCNgeo/s9emKzIDN4PJIK+gXo44T81Nxlv9k85MsGtc9EPzVWy+6YZdm8MJGb8dQUl2Uag412XfrwfiR/xpgqQ9nZtKutGkRpWvGa7TYNsfZoZJgLAMbt+BSynk5O1nDohcSyqzx8OYtpDC/AO/8YbS0RnBW0~3228997~3159861; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:42:08 GMT; Max-Age\u003d14389; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d108",
    "origin; dur\u003d10820"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"2a9314cf-58a2-485a-ad1e-dacae9e30d1e","client_id_issued_at":"2022-11-28T04:42:09Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E","client_secret":"04qjMeGJqH","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"IKqavTJPMDIhhmVZAgmDek5Q19-honKdMuv6iHrJs3s.qvsCtGZ_HhtPPkXQ3zm_vDTVjzNis0s51Trgy_KVAgRoO4aWlZuZyLPcJdeZpCBLNEPFmEBk5vTXSg5lTZJyXg.M18xNjY5NjEwNTM5XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2a9314cf-58a2-485a-ad1e-dacae9e30d1e","response_types":["code"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "client_id_issued_at": "2022-11-28T04:42:09Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two 6ZF2SOP4RriVh3E",
  "client_secret": "04qjMeGJqH",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "hCJHQBF8o4XNiALbs2gp3AUIZsp5R_Epc1Nv-o_9AHnRkhSZgJSAaHR5aLPYtUFOjHB7zBBvGCS_teN2mnOTIU4NeQwH0px7egvzbtaDFHzgay3OXkdCSDdsJGZUjdkOeBL-xrK_GqVu_ikUqJfxjLR72rGkUyvlSukBVvwCupdq38wVI3anes26GcfrmnIU93hxSTy1dDVvZF0KuI2m1bZGlEO4ygw05h4OxicBP1URnIDKKM6SEymc5NxxLcRlhGwVXwge0WnvV1AGFv4rdhCzhUs-WLYB0Lw5p_OQ6y4JuLbi1t8noyPj8PAcQd2t6oqOSbEdnwxh3Y6VIzYumw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "IKqavTJPMDIhhmVZAgmDek5Q19-honKdMuv6iHrJs3s.qvsCtGZ_HhtPPkXQ3zm_vDTVjzNis0s51Trgy_KVAgRoO4aWlZuZyLPcJdeZpCBLNEPFmEBk5vTXSg5lTZJyXg.M18xNjY5NjEwNTM5XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "response_types": [
    "code"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 04:42:19 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 04:42:19 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 04:42:19 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 04:42:19 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
2022-11-28 04:42:19 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2a9314cf-58a2-485a-ad1e-dacae9e30d1e
registration_access_token
IKqavTJPMDIhhmVZAgmDek5Q19-honKdMuv6iHrJs3s.qvsCtGZ_HhtPPkXQ3zm_vDTVjzNis0s51Trgy_KVAgRoO4aWlZuZyLPcJdeZpCBLNEPFmEBk5vTXSg5lTZJyXg.M18xNjY5NjEwNTM5XzE4
2022-11-28 04:42:19
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 04:42:19
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-28 04:42:19 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 04:42:19 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-28 04:42:19
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-11-28 04:42:19 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 04:42:19
CreateRandomStateValue
Created state value
requested_state_length
10
state
vKLwbI2i7J
2022-11-28 04:42:19 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
vKLwbI2i7J
2022-11-28 04:42:19
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
IttHOlMC7w
2022-11-28 04:42:19 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
vKLwbI2i7J
nonce
IttHOlMC7w
2022-11-28 04:42:19 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
vKLwbI2i7J
nonce
IttHOlMC7w
response_type
code
2022-11-28 04:42:19 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 04:42:19 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "vKLwbI2i7J",
  "nonce": "IttHOlMC7w",
  "response_type": "code"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=8be5f65f-bf8c-4d8e-84bf-c8263cdcb364&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=vKLwbI2i7J&nonce=IttHOlMC7w&response_type=code
2022-11-28 04:42:19 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=8be5f65f-bf8c-4d8e-84bf-c8263cdcb364&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=vKLwbI2i7J&nonce=IttHOlMC7w&response_type=code
2022-11-28 04:42:30 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "code": "4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "vKLwbI2i7J"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:42:30 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/Bh1vEsbb5Q0rqZg0wGPj",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/Bh1vEsbb5Q0rqZg0wGPj"
}
2022-11-28 04:42:30 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6ZF2SOP4RriVh3E
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/Bh1vEsbb5Q0rqZg0wGPj, returnUrl=/log-detail.html?log=6ZF2SOP4RriVh3E}]
outgoing_path
callback
2022-11-28 04:42:45 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/Bh1vEsbb5Q0rqZg0wGPj
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback?code\u003d4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g\u0026iss\u003dhttps%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2\u0026state\u003dvKLwbI2i7J",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/Bh1vEsbb5Q0rqZg0wGPj
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:42:45 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6ZF2SOP4RriVh3E
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/Bh1vEsbb5Q0rqZg0wGPj
2022-11-28 04:42:45 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-11-28 04:42:45 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{
  "code": "4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "vKLwbI2i7J"
}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
Verify authorization endpoint response
2022-11-28 04:42:45 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 04:42:45 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 04:42:45 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 04:42:45 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
vKLwbI2i7J
2022-11-28 04:42:45 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g
2022-11-28 04:42:45 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 04:42:45 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
sub
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
0hSN5JFXT6MJSlrgKMzQ
iat
1669610565
exp
1669610625
2022-11-28 04:42:45 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjI1LCJpYXQiOjE2Njk2MTA1NjUsImp0aSI6IjBoU041SkZYVDZNSlNscmdLTXpRIn0.IdnRvHLkBUVf8UyrigWj-AilCJsLGgUIxOHgIwrjuQhq-VxIU5Yg9iADPiaz43WyKogzqeQLlFO4KhvDeB_QQ4MmthWBQEbUYBbxobWLBosfT8NqXjl6wKEUdgiiLFj27KNHfWz2q6glhX5SeHDY_WEeN2sjD7k6uRS8IwLeXyLJ7hCCOd0hamjvN3viJIdvKgRI1NguBzW3MLoxl7gjhHnEbasTaPWokOOU4z8xlItUgFzIp7lIy1l7S1l_zJ5WCIPEu8S11lnGgMBP7YdMd7zSpfObEU7rGQh4XS2hdQJc61kN4qAdwhehOc32A8M9UGVWaV8vSulk2s07G_58vg
2022-11-28 04:42:45
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjI1LCJpYXQiOjE2Njk2MTA1NjUsImp0aSI6IjBoU041SkZYVDZNSlNscmdLTXpRIn0.IdnRvHLkBUVf8UyrigWj-AilCJsLGgUIxOHgIwrjuQhq-VxIU5Yg9iADPiaz43WyKogzqeQLlFO4KhvDeB_QQ4MmthWBQEbUYBbxobWLBosfT8NqXjl6wKEUdgiiLFj27KNHfWz2q6glhX5SeHDY_WEeN2sjD7k6uRS8IwLeXyLJ7hCCOd0hamjvN3viJIdvKgRI1NguBzW3MLoxl7gjhHnEbasTaPWokOOU4z8xlItUgFzIp7lIy1l7S1l_zJ5WCIPEu8S11lnGgMBP7YdMd7zSpfObEU7rGQh4XS2hdQJc61kN4qAdwhehOc32A8M9UGVWaV8vSulk2s07G_58vg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:42:45
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=4PsxXbcbnz_JSlyQO3qXEipOxQHCZns5a0YLVB_yk6E.7H37jimEj5NXbaa6hZH6Soyyefc5iW4udFzymFkO2It9lU2cjgqncnR0j9ffspOL4DtpyEBVcfbBW1ewj4O08g&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjI1LCJpYXQiOjE2Njk2MTA1NjUsImp0aSI6IjBoU041SkZYVDZNSlNscmdLTXpRIn0.IdnRvHLkBUVf8UyrigWj-AilCJsLGgUIxOHgIwrjuQhq-VxIU5Yg9iADPiaz43WyKogzqeQLlFO4KhvDeB_QQ4MmthWBQEbUYBbxobWLBosfT8NqXjl6wKEUdgiiLFj27KNHfWz2q6glhX5SeHDY_WEeN2sjD7k6uRS8IwLeXyLJ7hCCOd0hamjvN3viJIdvKgRI1NguBzW3MLoxl7gjhHnEbasTaPWokOOU4z8xlItUgFzIp7lIy1l7S1l_zJ5WCIPEu8S11lnGgMBP7YdMd7zSpfObEU7rGQh4XS2hdQJc61kN4qAdwhehOc32A8M9UGVWaV8vSulk2s07G_58vg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:42:48 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK01e939f9-b3ea-4cf7-91b4-f78e2c5920b2",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c46371c4671",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 04:42:48 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:ru+IPDH0PnNOj8u3wo0km+SfTMUsJ9YfP7l+DgnH7XY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dC7243D21EA562F53413945CD9809B129~-1~YAAQFmvcF80NJH6EAQAAlHmLvAidy6YqaVNY1HGog0LJXM/AfovvlBqwW+2I8B99P0N9H8xI8Wj982WQHyJicTeC0WMAFK6WfA3dYDR2ChdZQO2/Kcthaga6l0zg9PrHzrhKnsvPzywGM1fsE9dxcGTxC0VLKdAVdI8QEBobvqzTizjopahrMP0bNonguW6o1Q9aoWZuDubRTUCkXT0tUrHBKsms8OBEg/eq55Tuz/Q/1yzXLElfrqF3jIvG4ympNfP5sf4RU/hSean1aAjtukZpzPsTr4ldCaiO8OaTK2uXnMbISz/IeurHdEYBUvZQh7ZidIjmzy4DSS4GW+lareznj6i4K5QbTShTH3CEjsTHyMsSYTq0O/Ar6SYZg+d9CHXtTzM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:48 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d576C7A3B19674864825F544A40B054A9~YAAQFmvcF84NJH6EAQAAlHmLvBEMrPbqtNu+bb3ei8KKkC9d5BhIvYQM1GMunVlpVbYAp+tKoXaekURrNtPuCIHYhTLl8E2ipzV1lDumciy/hysDLFnvQSlNe27HrNJGF1I6uaT6ws0UwNGBpAX/RR7Lp1MRUgOA665QrtEqGz9BgaRYs/WMUBrNeDUcJRwKnD6wAgvn+oN5NLGm8A+HyTawk+plebdAki2nH4ZQ+xFaeuZesKQ4IQ6hN+OAxLngm6DZcR8zjnScZs5aRFFl+l5w7dCmlPrSVpUWdgZxW/Vl1CtIY7Y6oppMntF0~4340025~4535352; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:42:46 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d85",
    "origin; dur\u003d1833"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"w3_QK2A5AYNLO2aQ3Binp-ErmXiXVEkiMxkwQwohz9M.CaYcBY8iJ5p8ZgHNi0vPPi3jQhUjsDEUU7t9vttdftMMG4kO5luckZXBB61iVpFGn2Nq0vb9bTUeH9GwPsUzZw.M18xNjY5NjEwNTY3XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDTG44Y0FIdnVmdWhIWkVvX1Nad0V3IiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc2NywiaWF0IjoxNjY5NjEwNTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIzZGRiNTY2MS0xY2M5LTRjYjYtOTZkMy01YWU4ODQxYzJjYzAiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXR0SE9sTUM3dyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiS3JYeTJnYk9Ic3JNT0dpc3A1RnRRUSIsInNfaGFzaCI6ImhlVE00RFdYRGZIZy14RHE3aGo1YlEiLCJzdWIiOiI2MTYwMDE3TjY3In0.Zd0GHu8FzVyR8aGaXL1b1uOPRaCfrdOaaaQD_kwD0nF1lQQ-rCZLp0tTt3MmIwmjvb1SRLuFetEVGkb7BgVcSXMT5I5JE6xc1gkbgytSlVKt4cq4-FyZY9a5VzJ0lszePW0xDVZNeSU0d8QnfKex7ZNv9YtcHaKxnKwCvyb1CIHc1g7yBtYhDlhVv51MWFOw3IU1v_qrVOZe3qDlBdH629E5tmZttF1bNkuU3trcB3yCMIMOge7fyPwB0lbIZiTn-3iMTovHK-E3GFctXCBEtjMlcLVbKqkHSAfW_J_nQdbmD9kiBOhzUu4H8pBFVfbWn37LVu0RS4eTLwunjO5HmA","refresh_token":"estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 04:42:48 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
w3_QK2A5AYNLO2aQ3Binp-ErmXiXVEkiMxkwQwohz9M.CaYcBY8iJ5p8ZgHNi0vPPi3jQhUjsDEUU7t9vttdftMMG4kO5luckZXBB61iVpFGn2Nq0vb9bTUeH9GwPsUzZw.M18xNjY5NjEwNTY3XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDTG44Y0FIdnVmdWhIWkVvX1Nad0V3IiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc2NywiaWF0IjoxNjY5NjEwNTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIzZGRiNTY2MS0xY2M5LTRjYjYtOTZkMy01YWU4ODQxYzJjYzAiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXR0SE9sTUM3dyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiS3JYeTJnYk9Ic3JNT0dpc3A1RnRRUSIsInNfaGFzaCI6ImhlVE00RFdYRGZIZy14RHE3aGo1YlEiLCJzdWIiOiI2MTYwMDE3TjY3In0.Zd0GHu8FzVyR8aGaXL1b1uOPRaCfrdOaaaQD_kwD0nF1lQQ-rCZLp0tTt3MmIwmjvb1SRLuFetEVGkb7BgVcSXMT5I5JE6xc1gkbgytSlVKt4cq4-FyZY9a5VzJ0lszePW0xDVZNeSU0d8QnfKex7ZNv9YtcHaKxnKwCvyb1CIHc1g7yBtYhDlhVv51MWFOw3IU1v_qrVOZe3qDlBdH629E5tmZttF1bNkuU3trcB3yCMIMOge7fyPwB0lbIZiTn-3iMTovHK-E3GFctXCBEtjMlcLVbKqkHSAfW_J_nQdbmD9kiBOhzUu4H8pBFVfbWn37LVu0RS4eTLwunjO5HmA
refresh_token
estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4
scope
openid
token_type
bearer
2022-11-28 04:42:48 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 04:42:48 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
w3_QK2A5AYNLO2aQ3Binp-ErmXiXVEkiMxkwQwohz9M.CaYcBY8iJ5p8ZgHNi0vPPi3jQhUjsDEUU7t9vttdftMMG4kO5luckZXBB61iVpFGn2Nq0vb9bTUeH9GwPsUzZw.M18xNjY5NjEwNTY3XzE4
2022-11-28 04:42:48 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
w3_QK2A5AYNLO2aQ3Binp-ErmXiXVEkiMxkwQwohz9M.CaYcBY8iJ5p8ZgHNi0vPPi3jQhUjsDEUU7t9vttdftMMG4kO5luckZXBB61iVpFGn2Nq0vb9bTUeH9GwPsUzZw.M18xNjY5NjEwNTY3XzE4
type
bearer
2022-11-28 04:42:48 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 04:42:48 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 04:42:48 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4
2022-11-28 04:42:48 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDTG44Y0FIdnVmdWhIWkVvX1Nad0V3IiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc2NywiaWF0IjoxNjY5NjEwNTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIzZGRiNTY2MS0xY2M5LTRjYjYtOTZkMy01YWU4ODQxYzJjYzAiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXR0SE9sTUM3dyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiS3JYeTJnYk9Ic3JNT0dpc3A1RnRRUSIsInNfaGFzaCI6ImhlVE00RFdYRGZIZy14RHE3aGo1YlEiLCJzdWIiOiI2MTYwMDE3TjY3In0.Zd0GHu8FzVyR8aGaXL1b1uOPRaCfrdOaaaQD_kwD0nF1lQQ-rCZLp0tTt3MmIwmjvb1SRLuFetEVGkb7BgVcSXMT5I5JE6xc1gkbgytSlVKt4cq4-FyZY9a5VzJ0lszePW0xDVZNeSU0d8QnfKex7ZNv9YtcHaKxnKwCvyb1CIHc1g7yBtYhDlhVv51MWFOw3IU1v_qrVOZe3qDlBdH629E5tmZttF1bNkuU3trcB3yCMIMOge7fyPwB0lbIZiTn-3iMTovHK-E3GFctXCBEtjMlcLVbKqkHSAfW_J_nQdbmD9kiBOhzUu4H8pBFVfbWn37LVu0RS4eTLwunjO5HmA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "CLn8cAHvufuhHZEo_SZwEw",
  "sub": "6160017N67",
  "rat": 1669610543,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "IttHOlMC7w",
  "rt_hash": "KrXy2gbOHsrMOGisp5FtQQ",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "s_hash": "heTM4DWXDfHg-xDq7hj5bQ",
  "auth_time": 1669610042,
  "name": "ISV Dev",
  "exp": 1669617767,
  "iat": 1669610567,
  "jti": "3ddb5661-1cc9-4cb6-96d3-5ae8841c2cc0"
}
2022-11-28 04:42:48 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 04:42:48
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 04:42:48
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 04:42:48
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 04:42:48
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 04:42:48
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 04:42:48
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 04:42:48 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 04:42:48 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
IttHOlMC7w
2022-11-28 04:42:48 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 04:42:48 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDTG44Y0FIdnVmdWhIWkVvX1Nad0V3IiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc2NywiaWF0IjoxNjY5NjEwNTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIzZGRiNTY2MS0xY2M5LTRjYjYtOTZkMy01YWU4ODQxYzJjYzAiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXR0SE9sTUM3dyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiS3JYeTJnYk9Ic3JNT0dpc3A1RnRRUSIsInNfaGFzaCI6ImhlVE00RFdYRGZIZy14RHE3aGo1YlEiLCJzdWIiOiI2MTYwMDE3TjY3In0.Zd0GHu8FzVyR8aGaXL1b1uOPRaCfrdOaaaQD_kwD0nF1lQQ-rCZLp0tTt3MmIwmjvb1SRLuFetEVGkb7BgVcSXMT5I5JE6xc1gkbgytSlVKt4cq4-FyZY9a5VzJ0lszePW0xDVZNeSU0d8QnfKex7ZNv9YtcHaKxnKwCvyb1CIHc1g7yBtYhDlhVv51MWFOw3IU1v_qrVOZe3qDlBdH629E5tmZttF1bNkuU3trcB3yCMIMOge7fyPwB0lbIZiTn-3iMTovHK-E3GFctXCBEtjMlcLVbKqkHSAfW_J_nQdbmD9kiBOhzUu4H8pBFVfbWn37LVu0RS4eTLwunjO5HmA
2022-11-28 04:42:48 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDTG44Y0FIdnVmdWhIWkVvX1Nad0V3IiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc2NywiaWF0IjoxNjY5NjEwNTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIzZGRiNTY2MS0xY2M5LTRjYjYtOTZkMy01YWU4ODQxYzJjYzAiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiSXR0SE9sTUM3dyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiS3JYeTJnYk9Ic3JNT0dpc3A1RnRRUSIsInNfaGFzaCI6ImhlVE00RFdYRGZIZy14RHE3aGo1YlEiLCJzdWIiOiI2MTYwMDE3TjY3In0.Zd0GHu8FzVyR8aGaXL1b1uOPRaCfrdOaaaQD_kwD0nF1lQQ-rCZLp0tTt3MmIwmjvb1SRLuFetEVGkb7BgVcSXMT5I5JE6xc1gkbgytSlVKt4cq4-FyZY9a5VzJ0lszePW0xDVZNeSU0d8QnfKex7ZNv9YtcHaKxnKwCvyb1CIHc1g7yBtYhDlhVv51MWFOw3IU1v_qrVOZe3qDlBdH629E5tmZttF1bNkuU3trcB3yCMIMOge7fyPwB0lbIZiTn-3iMTovHK-E3GFctXCBEtjMlcLVbKqkHSAfW_J_nQdbmD9kiBOhzUu4H8pBFVfbWn37LVu0RS4eTLwunjO5HmA
2022-11-28 04:42:48 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 04:42:48
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 04:42:48 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 04:42:48 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4
2022-11-28 04:42:48 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 04:42:48 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-28 04:42:48 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4
2022-11-28 04:42:48 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4
scope
openid
2022-11-28 04:42:48 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
sub
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
LC2aFWx0yyyfZmoldT3p
iat
1669610568
exp
1669610628
2022-11-28 04:42:48 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjI4LCJpYXQiOjE2Njk2MTA1NjgsImp0aSI6IkxDMmFGV3gweXl5Zlptb2xkVDNwIn0.ofVWHiOMpytOM9Imh9pmNdXT4PkiRzqYw9SHxAC9gDN4zEADzENkZq1wP0YttgHMmIyn9SjE6rq8NZu06XMPy_ZP1GSybthDah1kpfOVIeGk3pZTg37Hkch-EhY4Ayvv4RnTE_GLVMU7xEvsn-DAIJgowz-YG_bosU-pnLckdS3uPW25SJQjVy8IvtHm2CdyVe6AD-KGwBq4dM44x5phN6e4BtnMmYAnL2W63_3rBJv-3GJNGOp2iqySz8gH3WwVG3zzjGxmMSJfEWgkdbwamHk-FWH5wXKKfm_OaYIE7wi_BIKbv8apWtjtKGmL4sRzwweg_683rehpA8IuDAtvrw
2022-11-28 04:42:48
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjI4LCJpYXQiOjE2Njk2MTA1NjgsImp0aSI6IkxDMmFGV3gweXl5Zlptb2xkVDNwIn0.ofVWHiOMpytOM9Imh9pmNdXT4PkiRzqYw9SHxAC9gDN4zEADzENkZq1wP0YttgHMmIyn9SjE6rq8NZu06XMPy_ZP1GSybthDah1kpfOVIeGk3pZTg37Hkch-EhY4Ayvv4RnTE_GLVMU7xEvsn-DAIJgowz-YG_bosU-pnLckdS3uPW25SJQjVy8IvtHm2CdyVe6AD-KGwBq4dM44x5phN6e4BtnMmYAnL2W63_3rBJv-3GJNGOp2iqySz8gH3WwVG3zzjGxmMSJfEWgkdbwamHk-FWH5wXKKfm_OaYIE7wi_BIKbv8apWtjtKGmL4sRzwweg_683rehpA8IuDAtvrw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:42:48 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 04:42:49 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 04:42:49
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=estD4o2u5lDULa-LjmPt5OoEgAX82-9aLSLw5UALgjw.IEAhb64WEGsdEnAqpzvAlUWOzHzuToBNzeVdtiyz8qGbx-FYuaaj1S_xYHYRTRA3YvbJJ38ZNfLDDEmzsITsRw.M18xNjY5NjEwNTY3XzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjI4LCJpYXQiOjE2Njk2MTA1NjgsImp0aSI6IkxDMmFGV3gweXl5Zlptb2xkVDNwIn0.ofVWHiOMpytOM9Imh9pmNdXT4PkiRzqYw9SHxAC9gDN4zEADzENkZq1wP0YttgHMmIyn9SjE6rq8NZu06XMPy_ZP1GSybthDah1kpfOVIeGk3pZTg37Hkch-EhY4Ayvv4RnTE_GLVMU7xEvsn-DAIJgowz-YG_bosU-pnLckdS3uPW25SJQjVy8IvtHm2CdyVe6AD-KGwBq4dM44x5phN6e4BtnMmYAnL2W63_3rBJv-3GJNGOp2iqySz8gH3WwVG3zzjGxmMSJfEWgkdbwamHk-FWH5wXKKfm_OaYIE7wi_BIKbv8apWtjtKGmL4sRzwweg_683rehpA8IuDAtvrw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:42:50 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1473efb6-9db8-469b-9b94-18bc2cc465a8",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c4908242ecd",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 04:42:50 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:06KRnMxfMJr3+LVOAD9dJIWW6MQ+O0j/Jn3GDE1T2QE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dC47DD2DDDDA6970491AD7BC3E4617438~-1~YAAQFmvcF70OJH6EAQAAdIKLvAjjXuOlONjldMNQ4Qe8CIn5MCJKfXdwPxgg/QQrK6h/RcVtlRYJFsOA5mHc74aTOr9x+79XXKtOJ7FsmDIymArHS+TwPIFLkFuHkSLU3GOgRSahQ7jB7fwEtBn5dFIxYt1xi2Sd3C7DhJLCpCot8imIZ2H0RhxTiU4jZDzF3TtwF+DBBweTKP8IvLBNNFoDLrhfNL62R+19nBLjfP6TC5Bzt0OvEoKTbevUdfyy5NV9i0ufkOCuN41G+Jju4lPjXMBsiU5O3dIV2a4pYm5sgJBOJ7LB5spDG8smi5KEM420M0YS2WIAa7y0QH/00C+Tnn4gVp8GBEAsT9KYkLw9Ks4+f2HHci/eVtRrPCSGxrghx/0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:50 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d1159C14FDEDB4C164CD3072A5E6069B6~YAAQFmvcF74OJH6EAQAAdIKLvBEFKciVp/z7TfQfrsM3PS8iyU/65SeQSOOzwwCWFt0Bda0CrjjDR+YXU5dyre5e+H3GZGHxZh5lFCj70d/0bSdc4r9JY0Z473fRKLVOZgd6fS1o/+9dC1IfOKSN7JUvb7UCNvKna+R9ISxakcEjzR3CSHpYvhkNcXZrFcguxlaoKaEgoxbigjefel195MT0HT3Ref6vYyOdlz6pSDs2xtLe7sprTdX8fN7LxYaNjWRHGD0R5nUHNULHUcTxUrhJh1LEop2r4nLzhAHGMTOiNYVdDOu+hf5rPR4f~3555893~3749698; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:42:49 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d1055"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"TC3eKovwij2_c-v6TqNTsu_NF44Jh2kYNDf2bCd-DII.JNs0sra7en1wR7uWbs3WRHBOaZCdNZD-p__W4Jdd7yfC5PXVnnMt57erdvcYiJyTq1qYqImq71yR15OsBmKL8g.M18xNjY5NjEwNTY5XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJiY3ZxZUd3Rml0UHBfb2RJNDRfSzFBIiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc3MCwiaWF0IjoxNjY5NjEwNTcwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxMDE5YjZjYy00YzZiLTRjNjUtOTI0Ny1hZTY5NjcxMjZmZTQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiT3VaSExtMTVvc1NOQXhFWExmUUVVdyIsInN1YiI6IjYxNjAwMTdONjcifQ.QbY1HduR4vohSMMcZLDcwdNevD_b2wrFte1-5WyTMujdXdDOcbMS4XgjQSz9Cy1OYnuLfvKYZz5Tf5h5u4EvvRgnIEoxKTgAogXCbQpOEPCfevtns9ZulLcnlDlwS5ZZ44Yi5FuAUZT-_DTWUJG1X5W1ajWKXYKMyv8nF9fKcOSGyXmXuK57vTOaplCpuBo8ZStUe6oJcyqDlfxCjqmJQ25lmqkefIEAhdMtPhG307fLqvtb_GWYYUr2viCy19V7OG5u6RAJmjckGOC1UXVvo0NC_LT2gvKt-3NztydhR92Lc_TJd5uB1U5FALumhqvE2SFM8NDIY4yrja7X57rwog","refresh_token":"Ql5vQzGTXowHolvnmQzRWkJw9DWjqZqjRkI5jGsY-2E.a6WbijE70kKdO-3MOLPdH-EQsmktg_VAVThtjD_nrYCqzX4d8qjvQHJr173S-lEHx486MEHqyUxnebZbWb6PVA.M18xNjY5NjEwNTY5XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 04:42:50 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
TC3eKovwij2_c-v6TqNTsu_NF44Jh2kYNDf2bCd-DII.JNs0sra7en1wR7uWbs3WRHBOaZCdNZD-p__W4Jdd7yfC5PXVnnMt57erdvcYiJyTq1qYqImq71yR15OsBmKL8g.M18xNjY5NjEwNTY5XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJiY3ZxZUd3Rml0UHBfb2RJNDRfSzFBIiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc3MCwiaWF0IjoxNjY5NjEwNTcwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxMDE5YjZjYy00YzZiLTRjNjUtOTI0Ny1hZTY5NjcxMjZmZTQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiT3VaSExtMTVvc1NOQXhFWExmUUVVdyIsInN1YiI6IjYxNjAwMTdONjcifQ.QbY1HduR4vohSMMcZLDcwdNevD_b2wrFte1-5WyTMujdXdDOcbMS4XgjQSz9Cy1OYnuLfvKYZz5Tf5h5u4EvvRgnIEoxKTgAogXCbQpOEPCfevtns9ZulLcnlDlwS5ZZ44Yi5FuAUZT-_DTWUJG1X5W1ajWKXYKMyv8nF9fKcOSGyXmXuK57vTOaplCpuBo8ZStUe6oJcyqDlfxCjqmJQ25lmqkefIEAhdMtPhG307fLqvtb_GWYYUr2viCy19V7OG5u6RAJmjckGOC1UXVvo0NC_LT2gvKt-3NztydhR92Lc_TJd5uB1U5FALumhqvE2SFM8NDIY4yrja7X57rwog
refresh_token
Ql5vQzGTXowHolvnmQzRWkJw9DWjqZqjRkI5jGsY-2E.a6WbijE70kKdO-3MOLPdH-EQsmktg_VAVThtjD_nrYCqzX4d8qjvQHJr173S-lEHx486MEHqyUxnebZbWb6PVA.M18xNjY5NjEwNTY5XzE4
scope
openid
token_type
bearer
2022-11-28 04:42:50 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 04:42:50 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 04:42:50 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 04:42:50 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 04:42:50 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
TC3eKovwij2_c-v6TqNTsu_NF44Jh2kYNDf2bCd-DII.JNs0sra7en1wR7uWbs3WRHBOaZCdNZD-p__W4Jdd7yfC5PXVnnMt57erdvcYiJyTq1qYqImq71yR15OsBmKL8g.M18xNjY5NjEwNTY5XzE4
type
bearer
2022-11-28 04:42:50 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 04:42:50 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
851.0633418166304
expected
96.0
value
TC3eKovwij2_c-v6TqNTsu_NF44Jh2kYNDf2bCd-DII.JNs0sra7en1wR7uWbs3WRHBOaZCdNZD-p__W4Jdd7yfC5PXVnnMt57erdvcYiJyTq1qYqImq71yR15OsBmKL8g.M18xNjY5NjEwNTY5XzE4
2022-11-28 04:42:50 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 04:42:50 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 04:42:50 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 04:42:50 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
w3_QK2A5AYNLO2aQ3Binp-ErmXiXVEkiMxkwQwohz9M.CaYcBY8iJ5p8ZgHNi0vPPi3jQhUjsDEUU7t9vttdftMMG4kO5luckZXBB61iVpFGn2Nq0vb9bTUeH9GwPsUzZw.M18xNjY5NjEwNTY3XzE4
second_access_token
TC3eKovwij2_c-v6TqNTsu_NF44Jh2kYNDf2bCd-DII.JNs0sra7en1wR7uWbs3WRHBOaZCdNZD-p__W4Jdd7yfC5PXVnnMt57erdvcYiJyTq1qYqImq71yR15OsBmKL8g.M18xNjY5NjEwNTY5XzE4
2022-11-28 04:42:50 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJiY3ZxZUd3Rml0UHBfb2RJNDRfSzFBIiwiYXVkIjpbIjhiZTVmNjVmLWJmOGMtNGQ4ZS04NGJmLWM4MjYzY2RjYjM2NCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc3MCwiaWF0IjoxNjY5NjEwNTcwLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxMDE5YjZjYy00YzZiLTRjNjUtOTI0Ny1hZTY5NjcxMjZmZTQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTQzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiT3VaSExtMTVvc1NOQXhFWExmUUVVdyIsInN1YiI6IjYxNjAwMTdONjcifQ.QbY1HduR4vohSMMcZLDcwdNevD_b2wrFte1-5WyTMujdXdDOcbMS4XgjQSz9Cy1OYnuLfvKYZz5Tf5h5u4EvvRgnIEoxKTgAogXCbQpOEPCfevtns9ZulLcnlDlwS5ZZ44Yi5FuAUZT-_DTWUJG1X5W1ajWKXYKMyv8nF9fKcOSGyXmXuK57vTOaplCpuBo8ZStUe6oJcyqDlfxCjqmJQ25lmqkefIEAhdMtPhG307fLqvtb_GWYYUr2viCy19V7OG5u6RAJmjckGOC1UXVvo0NC_LT2gvKt-3NztydhR92Lc_TJd5uB1U5FALumhqvE2SFM8NDIY4yrja7X57rwog
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "bcvqeGwFitPp_odI44_K1A",
  "sub": "6160017N67",
  "rat": 1669610543,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "OuZHLm15osSNAxEXLfQEUw",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "auth_time": 1669610042,
  "name": "ISV Dev",
  "exp": 1669617770,
  "iat": 1669610570,
  "jti": "1019b6cc-4c6b-4c65-9247-ae6967126fe4"
}
2022-11-28 04:42:50 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Ql5vQzGTXowHolvnmQzRWkJw9DWjqZqjRkI5jGsY-2E.a6WbijE70kKdO-3MOLPdH-EQsmktg_VAVThtjD_nrYCqzX4d8qjvQHJr173S-lEHx486MEHqyUxnebZbWb6PVA.M18xNjY5NjEwNTY5XzE4
2022-11-28 04:42:50 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 04:42:50 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
855.950284730085
expected
96.0
value
Ql5vQzGTXowHolvnmQzRWkJw9DWjqZqjRkI5jGsY-2E.a6WbijE70kKdO-3MOLPdH-EQsmktg_VAVThtjD_nrYCqzX4d8qjvQHJr173S-lEHx486MEHqyUxnebZbWb6PVA.M18xNjY5NjEwNTY5XzE4
2022-11-28 04:42:50 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669610567,
  "second": 1669610570,
  "note": "Values are expected to be different"
}
aud
{
  "first": "8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "second": "8be5f65f-bf8c-4d8e-84bf-c8263cdcb364",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669610042,
  "second": 1669610042,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-28 04:42:50
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer TC3eKovwij2_c-v6TqNTsu_NF44Jh2kYNDf2bCd-DII.JNs0sra7en1wR7uWbs3WRHBOaZCdNZD-p__W4Jdd7yfC5PXVnnMt57erdvcYiJyTq1qYqImq71yR15OsBmKL8g.M18xNjY5NjEwNTY5XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:42:50 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK34cc4faa-d308-4da1-a1e6-d20d30251660",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843c4a371c5401",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 04:42:50 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:YiJel6hxvNEhocMW9KiHhYU5Ju+ll/V5LXaXQ5YkxSI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d34141FC636CBB1B1E534B57995DEF711~-1~YAAQFmvcF9cOJH6EAQAAGISLvAiv5rd/39RjXiXQIXZxSU3nNzn+5LYZG8Dp4qO4qFLqb+YOy6ACs40OChIT4DvBuo0M3Ba4AkxeE+qf/BYjWddDjn/Mbsig4gB/jA53tJB4I0r0hsst9dBmpoYDBX+lqAGGmLaQQMnOv5d8R4VR9dZ2NVuXJewDIZrleVSTSYcr6KCV4PCkauhrt6e6Yn5C0KKsAGK8yFvDvmCZh2qe+BYzkOthtwWbBwMOpvzDMNt2XmlqOvg7lYSILhGw49gpLdXqlayO6fBDdqKE9Pptk2rakoJrHBj4fQfZYGt/ExCe9OlxuiSXt+N4x+AG3B0ITFxQMMjU7Q2lv+18tyGmZxvNycIquz2vvXDPqb2ccbzkQUI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:50 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9F15AEB405553BEC158196D8D3A9B5D0~YAAQFmvcF9gOJH6EAQAAGISLvBG+Rb1eZ7PfsCN7vdp/vSPamAx5BgiG62/7jG7ikYbBLtxXxjQYuXKXP4QFx16gexIeBqeagb9l1V/Rz2K+/+6Gg3YwTiRda/vIUA9d2Z0A5yhW+pNSmxW2hzRZoLAnRyg8zx+bNL27U2w6BhUUwvQIEcWwIdmBN+8xZqukGEiX1Efbka8Muf2dvNHaTKOL8HG1DuKbLkjM6GuaBgBwBSPQfJrLLrbHQ7z1b2mLVzW6e45Phgrge2ZDnhM6Ji4eKOcbkxvkdz8kL8UuUlpN9bt41S42+OMOr2ba~3686722~4601145; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:42:50 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d100",
    "origin; dur\u003d171"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["8be5f65f-bf8c-4d8e-84bf-c8263cdcb364"],"auth_time":1669610042,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669610543,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 04:42:50 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK34cc4faa-d308-4da1-a1e6-d20d30251660",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843c4a371c5401",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 04:42:50 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:YiJel6hxvNEhocMW9KiHhYU5Ju+ll/V5LXaXQ5YkxSI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d34141FC636CBB1B1E534B57995DEF711~-1~YAAQFmvcF9cOJH6EAQAAGISLvAiv5rd/39RjXiXQIXZxSU3nNzn+5LYZG8Dp4qO4qFLqb+YOy6ACs40OChIT4DvBuo0M3Ba4AkxeE+qf/BYjWddDjn/Mbsig4gB/jA53tJB4I0r0hsst9dBmpoYDBX+lqAGGmLaQQMnOv5d8R4VR9dZ2NVuXJewDIZrleVSTSYcr6KCV4PCkauhrt6e6Yn5C0KKsAGK8yFvDvmCZh2qe+BYzkOthtwWbBwMOpvzDMNt2XmlqOvg7lYSILhGw49gpLdXqlayO6fBDdqKE9Pptk2rakoJrHBj4fQfZYGt/ExCe9OlxuiSXt+N4x+AG3B0ITFxQMMjU7Q2lv+18tyGmZxvNycIquz2vvXDPqb2ccbzkQUI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:42:50 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9F15AEB405553BEC158196D8D3A9B5D0~YAAQFmvcF9gOJH6EAQAAGISLvBG+Rb1eZ7PfsCN7vdp/vSPamAx5BgiG62/7jG7ikYbBLtxXxjQYuXKXP4QFx16gexIeBqeagb9l1V/Rz2K+/+6Gg3YwTiRda/vIUA9d2Z0A5yhW+pNSmxW2hzRZoLAnRyg8zx+bNL27U2w6BhUUwvQIEcWwIdmBN+8xZqukGEiX1Efbka8Muf2dvNHaTKOL8HG1DuKbLkjM6GuaBgBwBSPQfJrLLrbHQ7z1b2mLVzW6e45Phgrge2ZDnhM6Ji4eKOcbkxvkdz8kL8UuUlpN9bt41S42+OMOr2ba~3686722~4601145; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:42:50 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d100",
    "origin; dur\u003d171"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["8be5f65f-bf8c-4d8e-84bf-c8263cdcb364"],"auth_time":1669610042,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669610543,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 04:42:50 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-11-28 04:42:50 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 04:42:50
CreateRandomStateValue
Created state value
requested_state_length
10
state
rc01ffSdan
2022-11-28 04:42:50 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
rc01ffSdan
2022-11-28 04:42:50
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
5UcG2uyL4d
2022-11-28 04:42:50 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
rc01ffSdan
nonce
5UcG2uyL4d
2022-11-28 04:42:50 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
rc01ffSdan
nonce
5UcG2uyL4d
response_type
code
2022-11-28 04:42:50 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-28 04:42:50 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "rc01ffSdan",
  "nonce": "5UcG2uyL4d",
  "response_type": "code"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=2a9314cf-58a2-485a-ad1e-dacae9e30d1e&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=rc01ffSdan&nonce=5UcG2uyL4d&response_type=code
2022-11-28 04:42:50 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=2a9314cf-58a2-485a-ad1e-dacae9e30d1e&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=rc01ffSdan&nonce=5UcG2uyL4d&response_type=code
2022-11-28 04:43:01 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "code": "Aw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "rc01ffSdan"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:43:01 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/c4yZDBKOXK8c9Qf4PnQp",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/c4yZDBKOXK8c9Qf4PnQp"
}
2022-11-28 04:43:01 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6ZF2SOP4RriVh3E
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/c4yZDBKOXK8c9Qf4PnQp, returnUrl=/log-detail.html?log=6ZF2SOP4RriVh3E}]
outgoing_path
callback
2022-11-28 04:43:02 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/c4yZDBKOXK8c9Qf4PnQp
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback?code\u003dAw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg\u0026iss\u003dhttps%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2\u0026state\u003drc01ffSdan",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/c4yZDBKOXK8c9Qf4PnQp
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:43:02 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6ZF2SOP4RriVh3E
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/c4yZDBKOXK8c9Qf4PnQp
2022-11-28 04:43:02 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-11-28 04:43:02 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{
  "code": "Aw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "rc01ffSdan"
}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
Second client: Verify authorization endpoint response
2022-11-28 04:43:02 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 04:43:02 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 04:43:02 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 04:43:02 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
rc01ffSdan
2022-11-28 04:43:02 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
Aw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg
2022-11-28 04:43:02 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
Aw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 04:43:02 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
sub
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
89Tr76cEsoEq9ofYolD1
iat
1669610582
exp
1669610642
2022-11-28 04:43:02 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYTkzMTRjZi01OGEyLTQ4NWEtYWQxZS1kYWNhZTllMzBkMWUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmE5MzE0Y2YtNThhMi00ODVhLWFkMWUtZGFjYWU5ZTMwZDFlIiwiZXhwIjoxNjY5NjEwNjQyLCJpYXQiOjE2Njk2MTA1ODIsImp0aSI6Ijg5VHI3NmNFc29FcTlvZllvbEQxIn0.J_E1iUmBkUS3RRgwQoGL1cFaTt4c2FZrPleJ0zr9_ZDHm_iz7jc7CHd40bLGtT5W5Z2UJKJ8J96pCacitjVCjcEdovbK9emhbm2Z4j_CCZtYT2cS_s37CV8Bnl7Me-GMpa05q4h6eqqkhpC8mPpGcJkE3eXPLqfLZr_eI6NEuS5zJu7afglWqs-Q7QUwoHGFMSI5CdjrCDn44rfEcRLPStnk7VHy8fGLHL4RjVJDTYaRf4i8qr-usyZMYyu1dQG0YY-Ht9HgG4A3LuAPGEn1e7AKTkzUfuJgskTZz0pYl_unQ_aw7G9v5SaE5APortRKBZHX6fAiI2Y_82mWb4OKvg
2022-11-28 04:43:02
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
Aw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYTkzMTRjZi01OGEyLTQ4NWEtYWQxZS1kYWNhZTllMzBkMWUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmE5MzE0Y2YtNThhMi00ODVhLWFkMWUtZGFjYWU5ZTMwZDFlIiwiZXhwIjoxNjY5NjEwNjQyLCJpYXQiOjE2Njk2MTA1ODIsImp0aSI6Ijg5VHI3NmNFc29FcTlvZllvbEQxIn0.J_E1iUmBkUS3RRgwQoGL1cFaTt4c2FZrPleJ0zr9_ZDHm_iz7jc7CHd40bLGtT5W5Z2UJKJ8J96pCacitjVCjcEdovbK9emhbm2Z4j_CCZtYT2cS_s37CV8Bnl7Me-GMpa05q4h6eqqkhpC8mPpGcJkE3eXPLqfLZr_eI6NEuS5zJu7afglWqs-Q7QUwoHGFMSI5CdjrCDn44rfEcRLPStnk7VHy8fGLHL4RjVJDTYaRf4i8qr-usyZMYyu1dQG0YY-Ht9HgG4A3LuAPGEn1e7AKTkzUfuJgskTZz0pYl_unQ_aw7G9v5SaE5APortRKBZHX6fAiI2Y_82mWb4OKvg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:43:02
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=Aw9tf30SptjuHBALpr5EqeYkSVnKZu0DLZWApRIEJwk.YDaEg2dtL3mIqNeicJdRf_t_FqOjPfFxh3tcKe-H8LOS5pwnfvb3UIW7BbwTkf225qPBezJiPXR2NI-0gctrdg&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYTkzMTRjZi01OGEyLTQ4NWEtYWQxZS1kYWNhZTllMzBkMWUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmE5MzE0Y2YtNThhMi00ODVhLWFkMWUtZGFjYWU5ZTMwZDFlIiwiZXhwIjoxNjY5NjEwNjQyLCJpYXQiOjE2Njk2MTA1ODIsImp0aSI6Ijg5VHI3NmNFc29FcTlvZllvbEQxIn0.J_E1iUmBkUS3RRgwQoGL1cFaTt4c2FZrPleJ0zr9_ZDHm_iz7jc7CHd40bLGtT5W5Z2UJKJ8J96pCacitjVCjcEdovbK9emhbm2Z4j_CCZtYT2cS_s37CV8Bnl7Me-GMpa05q4h6eqqkhpC8mPpGcJkE3eXPLqfLZr_eI6NEuS5zJu7afglWqs-Q7QUwoHGFMSI5CdjrCDn44rfEcRLPStnk7VHy8fGLHL4RjVJDTYaRf4i8qr-usyZMYyu1dQG0YY-Ht9HgG4A3LuAPGEn1e7AKTkzUfuJgskTZz0pYl_unQ_aw7G9v5SaE5APortRKBZHX6fAiI2Y_82mWb4OKvg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:43:03 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKbc6ee8b2-3a91-4c7b-be93-48f6c1efdb46",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c56371c7941",
  "content-length": "1498",
  "date": "Mon, 28 Nov 2022 04:43:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Jupil+cHr78UiaMdU+6/EAwV5Pn1pVqThwbndiQSkRc\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d57D8A72218E528FBDB041AB5ABD8B841~-1~YAAQFmvcF3YSJH6EAQAA8bOLvAgbbYc2zljdJ6mj5LZJCy5CVTGKL6z4HnngPsvkvB0i0wnp1PU01AH2teeBZDgcyGMwVUL8b/0fiiIz2hNvEKLU8okLH0XX3ZDu8Y21GKMZ2bkUJoU9eLKDrjZ7FAOv/aCTTrhInNJ+8D6o0MnGmh+Bb9K0aVm6C+T/BW4L/11sohhiLs1lvWQEK7oy23KkmYOOPDzey1bJ8IZvpSSGpFDFKVUR55A0HKK29htVyCtYlhehewiQ4dpt2fMKC8UqBa7xkq/ya0HRGNkQMe6gAFRQJ6CBKge9iOgmhw6Q5pL8/dP43MtaxkfxjfcnsiUlTKoLCJSLYNKLC85QUCA5npKtY4k1fzhhOSlG52V4qhyvres\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d27F371D05BE662E675D92549C3982A94~YAAQFmvcF3cSJH6EAQAA8bOLvBGAOKNY1U6gkxoPkSv32rZOsZBKkJQieskKR/lVRH3gO/55GMBN0N4swKi4TmR6MmpnKKUBuPZog2cG6g7RDK3mVg8TKL/ngK8L08ZAIotI4mmlFFKbS0sc9sM5muZ3n3YRUPkCYw2tOZn5CPViAl/3J9KXowDv3Y5LNWDYE0Oc1+z9XNg3slogGSYNli8ksLRAIf5yNwCcYR8h8FyTucbkKR/HHknvv2a5emRDMTB+hSGog6LD8EZn82CklSaA2sPxmOskL3JSkcVxYVjoirH3ye0qPIOmTrqT~3686962~3617349; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:02 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d92",
    "origin; dur\u003d361"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"LEIQjU1xkN3xTTbTqAOJKfU_yuNHEZ0C8iIRHMXw6R4.NnrOR8h1ft9TGuy1Fq3FOgrX7MxG1xsdc1tnH5gi4rp6qKHZYe6QBUo_Ekuez1689YHbH_5kgiDRPnuzozI5Rg.M18xNjY5NjEwNTgyXzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJEWjN2MVlJYXpXOTQwNnEzWERJblFRIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4MiwiaWF0IjoxNjY5NjEwNTgyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiYjNmNTM3ZS1kM2E0LTRiNDMtYmUyOC00MjU3ODA1MTk3NDIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiNVVjRzJ1eUw0ZCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiUXBqc2RJSGJwWTI2dnpSRmFnMk51ZyIsInNfaGFzaCI6IktEbHllWmF0V2U2R0JZdmlJNFloQ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.iflPegKzYxkcLuTEzPFnngfOfBSFjTukbK4FsePVGykKIt-S0QYy97lBLs2p36i0sHRWOquFp88sF8K548xbwUbsLljOHQjfJzSppsur2WaY3KwFpixj8Li3WjRNWACMj-2SgI7R0rZkkllfJuYGoFtsVCiIOb4NCJe_hFr7_euqk8BZORt65cQLBccOrWaObfpO5MYf5uvrJTKxYUXnlNhN9unyEFCD1o7D-KrToaTVOSiM2Z9Bp_mmqnXSkaXa0avm2800FqcxGGLjphz_lPpzQHyILWoppbpSj0ZQUd3YUV0c0opfGZLC-fCUxZKSfwzhwu-ryDAPUD1BOb5TDQ","refresh_token":"0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4","scope":"openid","token_type":"bearer"}
2022-11-28 04:43:03 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
LEIQjU1xkN3xTTbTqAOJKfU_yuNHEZ0C8iIRHMXw6R4.NnrOR8h1ft9TGuy1Fq3FOgrX7MxG1xsdc1tnH5gi4rp6qKHZYe6QBUo_Ekuez1689YHbH_5kgiDRPnuzozI5Rg.M18xNjY5NjEwNTgyXzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJEWjN2MVlJYXpXOTQwNnEzWERJblFRIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4MiwiaWF0IjoxNjY5NjEwNTgyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiYjNmNTM3ZS1kM2E0LTRiNDMtYmUyOC00MjU3ODA1MTk3NDIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiNVVjRzJ1eUw0ZCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiUXBqc2RJSGJwWTI2dnpSRmFnMk51ZyIsInNfaGFzaCI6IktEbHllWmF0V2U2R0JZdmlJNFloQ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.iflPegKzYxkcLuTEzPFnngfOfBSFjTukbK4FsePVGykKIt-S0QYy97lBLs2p36i0sHRWOquFp88sF8K548xbwUbsLljOHQjfJzSppsur2WaY3KwFpixj8Li3WjRNWACMj-2SgI7R0rZkkllfJuYGoFtsVCiIOb4NCJe_hFr7_euqk8BZORt65cQLBccOrWaObfpO5MYf5uvrJTKxYUXnlNhN9unyEFCD1o7D-KrToaTVOSiM2Z9Bp_mmqnXSkaXa0avm2800FqcxGGLjphz_lPpzQHyILWoppbpSj0ZQUd3YUV0c0opfGZLC-fCUxZKSfwzhwu-ryDAPUD1BOb5TDQ
refresh_token
0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4
scope
openid
token_type
bearer
2022-11-28 04:43:03 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 04:43:03 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
LEIQjU1xkN3xTTbTqAOJKfU_yuNHEZ0C8iIRHMXw6R4.NnrOR8h1ft9TGuy1Fq3FOgrX7MxG1xsdc1tnH5gi4rp6qKHZYe6QBUo_Ekuez1689YHbH_5kgiDRPnuzozI5Rg.M18xNjY5NjEwNTgyXzE4
2022-11-28 04:43:03 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
LEIQjU1xkN3xTTbTqAOJKfU_yuNHEZ0C8iIRHMXw6R4.NnrOR8h1ft9TGuy1Fq3FOgrX7MxG1xsdc1tnH5gi4rp6qKHZYe6QBUo_Ekuez1689YHbH_5kgiDRPnuzozI5Rg.M18xNjY5NjEwNTgyXzE4
type
bearer
2022-11-28 04:43:03 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 04:43:03 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 04:43:03 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4
2022-11-28 04:43:03 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJEWjN2MVlJYXpXOTQwNnEzWERJblFRIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4MiwiaWF0IjoxNjY5NjEwNTgyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiYjNmNTM3ZS1kM2E0LTRiNDMtYmUyOC00MjU3ODA1MTk3NDIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiNVVjRzJ1eUw0ZCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiUXBqc2RJSGJwWTI2dnpSRmFnMk51ZyIsInNfaGFzaCI6IktEbHllWmF0V2U2R0JZdmlJNFloQ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.iflPegKzYxkcLuTEzPFnngfOfBSFjTukbK4FsePVGykKIt-S0QYy97lBLs2p36i0sHRWOquFp88sF8K548xbwUbsLljOHQjfJzSppsur2WaY3KwFpixj8Li3WjRNWACMj-2SgI7R0rZkkllfJuYGoFtsVCiIOb4NCJe_hFr7_euqk8BZORt65cQLBccOrWaObfpO5MYf5uvrJTKxYUXnlNhN9unyEFCD1o7D-KrToaTVOSiM2Z9Bp_mmqnXSkaXa0avm2800FqcxGGLjphz_lPpzQHyILWoppbpSj0ZQUd3YUV0c0opfGZLC-fCUxZKSfwzhwu-ryDAPUD1BOb5TDQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "DZ3v1YIazW9406q3XDInQQ",
  "sub": "6160017N67",
  "rat": 1669610576,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "5UcG2uyL4d",
  "rt_hash": "QpjsdIHbpY26vzRFag2Nug",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "s_hash": "KDlyeZatWe6GBYviI4YhCg",
  "auth_time": 1669610042,
  "name": "ISV Dev",
  "exp": 1669617782,
  "iat": 1669610582,
  "jti": "bb3f537e-d3a4-4b43-be28-425780519742"
}
2022-11-28 04:43:03 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 04:43:03
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 04:43:03
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 04:43:03
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 04:43:03
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 04:43:03
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 04:43:03
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 04:43:03 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 04:43:03 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
5UcG2uyL4d
2022-11-28 04:43:03 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 04:43:03 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJEWjN2MVlJYXpXOTQwNnEzWERJblFRIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4MiwiaWF0IjoxNjY5NjEwNTgyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiYjNmNTM3ZS1kM2E0LTRiNDMtYmUyOC00MjU3ODA1MTk3NDIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiNVVjRzJ1eUw0ZCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiUXBqc2RJSGJwWTI2dnpSRmFnMk51ZyIsInNfaGFzaCI6IktEbHllWmF0V2U2R0JZdmlJNFloQ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.iflPegKzYxkcLuTEzPFnngfOfBSFjTukbK4FsePVGykKIt-S0QYy97lBLs2p36i0sHRWOquFp88sF8K548xbwUbsLljOHQjfJzSppsur2WaY3KwFpixj8Li3WjRNWACMj-2SgI7R0rZkkllfJuYGoFtsVCiIOb4NCJe_hFr7_euqk8BZORt65cQLBccOrWaObfpO5MYf5uvrJTKxYUXnlNhN9unyEFCD1o7D-KrToaTVOSiM2Z9Bp_mmqnXSkaXa0avm2800FqcxGGLjphz_lPpzQHyILWoppbpSj0ZQUd3YUV0c0opfGZLC-fCUxZKSfwzhwu-ryDAPUD1BOb5TDQ
2022-11-28 04:43:03 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJEWjN2MVlJYXpXOTQwNnEzWERJblFRIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4MiwiaWF0IjoxNjY5NjEwNTgyLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiYjNmNTM3ZS1kM2E0LTRiNDMtYmUyOC00MjU3ODA1MTk3NDIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiNVVjRzJ1eUw0ZCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiUXBqc2RJSGJwWTI2dnpSRmFnMk51ZyIsInNfaGFzaCI6IktEbHllWmF0V2U2R0JZdmlJNFloQ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.iflPegKzYxkcLuTEzPFnngfOfBSFjTukbK4FsePVGykKIt-S0QYy97lBLs2p36i0sHRWOquFp88sF8K548xbwUbsLljOHQjfJzSppsur2WaY3KwFpixj8Li3WjRNWACMj-2SgI7R0rZkkllfJuYGoFtsVCiIOb4NCJe_hFr7_euqk8BZORt65cQLBccOrWaObfpO5MYf5uvrJTKxYUXnlNhN9unyEFCD1o7D-KrToaTVOSiM2Z9Bp_mmqnXSkaXa0avm2800FqcxGGLjphz_lPpzQHyILWoppbpSj0ZQUd3YUV0c0opfGZLC-fCUxZKSfwzhwu-ryDAPUD1BOb5TDQ
2022-11-28 04:43:03 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 04:43:03
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 04:43:03 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 04:43:03 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4
2022-11-28 04:43:03 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 04:43:03 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-11-28 04:43:03 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4
2022-11-28 04:43:03 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
sub
2a9314cf-58a2-485a-ad1e-dacae9e30d1e
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
7vpzHGODA9yQ9aexcNBY
iat
1669610583
exp
1669610643
2022-11-28 04:43:03 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYTkzMTRjZi01OGEyLTQ4NWEtYWQxZS1kYWNhZTllMzBkMWUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmE5MzE0Y2YtNThhMi00ODVhLWFkMWUtZGFjYWU5ZTMwZDFlIiwiZXhwIjoxNjY5NjEwNjQzLCJpYXQiOjE2Njk2MTA1ODMsImp0aSI6Ijd2cHpIR09EQTl5UTlhZXhjTkJZIn0.NiSFdGBoyaO96k6WZbNXWbAn0mg3k0yGrN6vyCrw8Le45aXwplNNnlxmsBeeaEWyxBrPrtT4gwj5za_yBo7nrLGVDRRUbLQWPNBa9kKHfuVrh1GRNRKb0Dail1M46vymip8FNcrlXr0Mct5lNVLHeHqUgPr3OuhvGBTq6kywA1KypEZ022KoHUfSZXaHccENaIT891I3gYH4wsUePy2ZfiqGtBwa44wMSGlR_ch52L029ILg0ItqCv-G0fOtV-NH3kwGjXBDZWV6TQtTt_FWmKjqq-P25PCxl-2OXiTawSvSqkLXmxEPPggeSUVkWqTYcHJHOmpOc_fEPj-cHLfHSA
2022-11-28 04:43:03
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYTkzMTRjZi01OGEyLTQ4NWEtYWQxZS1kYWNhZTllMzBkMWUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmE5MzE0Y2YtNThhMi00ODVhLWFkMWUtZGFjYWU5ZTMwZDFlIiwiZXhwIjoxNjY5NjEwNjQzLCJpYXQiOjE2Njk2MTA1ODMsImp0aSI6Ijd2cHpIR09EQTl5UTlhZXhjTkJZIn0.NiSFdGBoyaO96k6WZbNXWbAn0mg3k0yGrN6vyCrw8Le45aXwplNNnlxmsBeeaEWyxBrPrtT4gwj5za_yBo7nrLGVDRRUbLQWPNBa9kKHfuVrh1GRNRKb0Dail1M46vymip8FNcrlXr0Mct5lNVLHeHqUgPr3OuhvGBTq6kywA1KypEZ022KoHUfSZXaHccENaIT891I3gYH4wsUePy2ZfiqGtBwa44wMSGlR_ch52L029ILg0ItqCv-G0fOtV-NH3kwGjXBDZWV6TQtTt_FWmKjqq-P25PCxl-2OXiTawSvSqkLXmxEPPggeSUVkWqTYcHJHOmpOc_fEPj-cHLfHSA
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:43:03 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 04:43:04 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 04:43:04
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "974"
}
request_body
grant_type=refresh_token&refresh_token=0DVQnf0K4uiTvtVhKm5Cu9te5ZEAjRyP_5htjDDZtWU._8OnqqsS3uzeI5QPN3DGIJWXzLBa5pXZeG3f4U2CDGGZYzk7MM4Eafjl54ue8eCtFuHRXsjsgfybuQUq_wnZnw.M18xNjY5NjEwNTgyXzE4&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyYTkzMTRjZi01OGEyLTQ4NWEtYWQxZS1kYWNhZTllMzBkMWUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiMmE5MzE0Y2YtNThhMi00ODVhLWFkMWUtZGFjYWU5ZTMwZDFlIiwiZXhwIjoxNjY5NjEwNjQzLCJpYXQiOjE2Njk2MTA1ODMsImp0aSI6Ijd2cHpIR09EQTl5UTlhZXhjTkJZIn0.NiSFdGBoyaO96k6WZbNXWbAn0mg3k0yGrN6vyCrw8Le45aXwplNNnlxmsBeeaEWyxBrPrtT4gwj5za_yBo7nrLGVDRRUbLQWPNBa9kKHfuVrh1GRNRKb0Dail1M46vymip8FNcrlXr0Mct5lNVLHeHqUgPr3OuhvGBTq6kywA1KypEZ022KoHUfSZXaHccENaIT891I3gYH4wsUePy2ZfiqGtBwa44wMSGlR_ch52L029ILg0ItqCv-G0fOtV-NH3kwGjXBDZWV6TQtTt_FWmKjqq-P25PCxl-2OXiTawSvSqkLXmxEPPggeSUVkWqTYcHJHOmpOc_fEPj-cHLfHSA&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:43:05 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK9d6e5271-4cf4-4ed6-b64b-571d326236b7",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c58218af445",
  "content-length": "1425",
  "date": "Mon, 28 Nov 2022 04:43:05 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:pLwbZOolqzgjqQwDpjrbpUaoB3RxJBKRoLhATvDoWu0\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d6A9801EE35CB2176C19D239AC520B3BE~-1~YAAQFmvcF20TJH6EAQAAsL6LvAhaMrqDDbVIKK80THlrLxh8aKUCrJH40G1aPXuZf1EYmpTJs7ZiKDh/hosefFu+CdI+TNep0mn9iC8yWhJez5MNCAy59YDSrv+4iZNBjJyiJHP1P7ApoEjU2j0WMIE2RI+VKmkuoXt8lahfboYqj4ZnKRTpTjyzhnNVmYQfA6QA44fzwimekGkEqiYBGvTgp6XwbQ6ymqRMmsKxf8zqaYFgUMydqs0vbjuz3Df1fy4KXfHrcOy4x86GVw6s+0qpJI1zPt+Xn+KorjWiN1OZutVUQ8H1CCkSSKoxAGsjxGYqeKnkYssH2PRYScJmKptp6SfKL29gcKCzazNwYFuG7B4VYvPecS0nbBuetja9EQlxVPM\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:05 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9AB3A76D8755552748DB7C0D18C845F0~YAAQFmvcF24TJH6EAQAAsL6LvBGudaq1/w23IETZf7WB/Xvz4sd0UbZq5tuDJ7Y6PH7mZ/KOS1P0Yt8PfPpElBvIvzcMuwnLpjFenJiizCFPUVKbKfOfUzzUKby92Ehbzt2FCxHXdt7Zlsbxht0pMh+G4SNc2cJbKoLDQBfVg1Xhxq5p8Fh7S48m5F4Z/dmnOn2lPMmzmmCPK9tk6GW/jM792RgZdZrfG13/WMi92zwA4zC/wCLq16QqnNRaqAUufwynt1oWUDYVt68c9AjOWKm6PaXYfWsOofQOF76KRAY9EInqk5Z4pjKlBM70~3228720~3291190; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:04 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d81",
    "origin; dur\u003d1540"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"WhyHadHKBvgbDeVJgtV6VLFTLO3bEehDY1cHFmlwPY4.OQDIzy0VI-H8j7pnR1FiZ7hXZKL-X4jiJJ41OzRyXVpggW4_3iw17NOTeE7EqoMd_NmiSIXgC4mKfEisL5LBcA.M18xNjY5NjEwNTg0XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI3R1E0dW9fUGItTWJqUGlLek1IQW1BIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4NSwiaWF0IjoxNjY5NjEwNTg1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1YzJjMzIxNi04NmFlLTQxYjEtODIzYS00NWFjMDBlY2M2MmQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibW1aUnJMSFhDVVltLXdpSUpUOTR5dyIsInN1YiI6IjYxNjAwMTdONjcifQ.rHhknVyMzmiEWsXqjfnluGRHhpsAGhNvl5halsf72iBcQ-ofls3-qA6RfNkXp3gV5UkP6YOcyjKTzy44D98szphdI9Nop-O8LupnHxSLTrrwCjYZnBRHB1uYl0S9KOhcV6pFe7rKnfdCsjHYtefaTXLzPvnbYxFb2V_4oZimiMtA9fD2AvMY9U0HIJFQsVpvjghALAyhZ8degkh6CIlWMtxsJqICNXnGk_1hOZHccY5ysu4-ZPmGAw_aDRUWqNnsX0QhTU32Ni0hTyEo-GnpxzRMTwrFOdyt2yj2_Hp4pgqx1GnWgkXurrmKmK3aKRwzizAb9ouWU_kPIgy_Uo-P3Q","refresh_token":"n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4","scope":"openid","token_type":"bearer"}
2022-11-28 04:43:05 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
WhyHadHKBvgbDeVJgtV6VLFTLO3bEehDY1cHFmlwPY4.OQDIzy0VI-H8j7pnR1FiZ7hXZKL-X4jiJJ41OzRyXVpggW4_3iw17NOTeE7EqoMd_NmiSIXgC4mKfEisL5LBcA.M18xNjY5NjEwNTg0XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI3R1E0dW9fUGItTWJqUGlLek1IQW1BIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4NSwiaWF0IjoxNjY5NjEwNTg1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1YzJjMzIxNi04NmFlLTQxYjEtODIzYS00NWFjMDBlY2M2MmQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibW1aUnJMSFhDVVltLXdpSUpUOTR5dyIsInN1YiI6IjYxNjAwMTdONjcifQ.rHhknVyMzmiEWsXqjfnluGRHhpsAGhNvl5halsf72iBcQ-ofls3-qA6RfNkXp3gV5UkP6YOcyjKTzy44D98szphdI9Nop-O8LupnHxSLTrrwCjYZnBRHB1uYl0S9KOhcV6pFe7rKnfdCsjHYtefaTXLzPvnbYxFb2V_4oZimiMtA9fD2AvMY9U0HIJFQsVpvjghALAyhZ8degkh6CIlWMtxsJqICNXnGk_1hOZHccY5ysu4-ZPmGAw_aDRUWqNnsX0QhTU32Ni0hTyEo-GnpxzRMTwrFOdyt2yj2_Hp4pgqx1GnWgkXurrmKmK3aKRwzizAb9ouWU_kPIgy_Uo-P3Q
refresh_token
n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4
scope
openid
token_type
bearer
2022-11-28 04:43:05 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 04:43:05 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 04:43:05 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 04:43:05 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 04:43:05 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
WhyHadHKBvgbDeVJgtV6VLFTLO3bEehDY1cHFmlwPY4.OQDIzy0VI-H8j7pnR1FiZ7hXZKL-X4jiJJ41OzRyXVpggW4_3iw17NOTeE7EqoMd_NmiSIXgC4mKfEisL5LBcA.M18xNjY5NjEwNTg0XzE4
type
bearer
2022-11-28 04:43:05 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 04:43:05 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
850.9984102503598
expected
96.0
value
WhyHadHKBvgbDeVJgtV6VLFTLO3bEehDY1cHFmlwPY4.OQDIzy0VI-H8j7pnR1FiZ7hXZKL-X4jiJJ41OzRyXVpggW4_3iw17NOTeE7EqoMd_NmiSIXgC4mKfEisL5LBcA.M18xNjY5NjEwNTg0XzE4
2022-11-28 04:43:05 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 04:43:05 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-28 04:43:05 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-28 04:43:05 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
LEIQjU1xkN3xTTbTqAOJKfU_yuNHEZ0C8iIRHMXw6R4.NnrOR8h1ft9TGuy1Fq3FOgrX7MxG1xsdc1tnH5gi4rp6qKHZYe6QBUo_Ekuez1689YHbH_5kgiDRPnuzozI5Rg.M18xNjY5NjEwNTgyXzE4
second_access_token
WhyHadHKBvgbDeVJgtV6VLFTLO3bEehDY1cHFmlwPY4.OQDIzy0VI-H8j7pnR1FiZ7hXZKL-X4jiJJ41OzRyXVpggW4_3iw17NOTeE7EqoMd_NmiSIXgC4mKfEisL5LBcA.M18xNjY5NjEwNTg0XzE4
2022-11-28 04:43:05 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI3R1E0dW9fUGItTWJqUGlLek1IQW1BIiwiYXVkIjpbIjJhOTMxNGNmLTU4YTItNDg1YS1hZDFlLWRhY2FlOWUzMGQxZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzc4NSwiaWF0IjoxNjY5NjEwNTg1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1YzJjMzIxNi04NmFlLTQxYjEtODIzYS00NWFjMDBlY2M2MmQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwNTc2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoibW1aUnJMSFhDVVltLXdpSUpUOTR5dyIsInN1YiI6IjYxNjAwMTdONjcifQ.rHhknVyMzmiEWsXqjfnluGRHhpsAGhNvl5halsf72iBcQ-ofls3-qA6RfNkXp3gV5UkP6YOcyjKTzy44D98szphdI9Nop-O8LupnHxSLTrrwCjYZnBRHB1uYl0S9KOhcV6pFe7rKnfdCsjHYtefaTXLzPvnbYxFb2V_4oZimiMtA9fD2AvMY9U0HIJFQsVpvjghALAyhZ8degkh6CIlWMtxsJqICNXnGk_1hOZHccY5ysu4-ZPmGAw_aDRUWqNnsX0QhTU32Ni0hTyEo-GnpxzRMTwrFOdyt2yj2_Hp4pgqx1GnWgkXurrmKmK3aKRwzizAb9ouWU_kPIgy_Uo-P3Q
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "7GQ4uo_Pb-MbjPiKzMHAmA",
  "sub": "6160017N67",
  "rat": 1669610576,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "mmZRrLHXCUYm-wiIJT94yw",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "auth_time": 1669610042,
  "name": "ISV Dev",
  "exp": 1669617785,
  "iat": 1669610585,
  "jti": "5c2c3216-86ae-41b1-823a-45ac00ecc62d"
}
2022-11-28 04:43:05 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4
2022-11-28 04:43:05 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 04:43:05 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
852.0501502001944
expected
96.0
value
n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4
2022-11-28 04:43:05 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669610582,
  "second": 1669610585,
  "note": "Values are expected to be different"
}
aud
{
  "first": "2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "second": "2a9314cf-58a2-485a-ad1e-dacae9e30d1e",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669610042,
  "second": 1669610042,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2022-11-28 04:43:05
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer WhyHadHKBvgbDeVJgtV6VLFTLO3bEehDY1cHFmlwPY4.OQDIzy0VI-H8j7pnR1FiZ7hXZKL-X4jiJJ41OzRyXVpggW4_3iw17NOTeE7EqoMd_NmiSIXgC4mKfEisL5LBcA.M18xNjY5NjEwNTg0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:43:06 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKed872503-bc16-4ea7-af84-03ba600b77a0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843c5907e78fe3",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 04:43:06 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Y3XMPwUox1BBVNzhDESqlsZOwG26HcHOeIOfWO3Vfcg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB4CA4486B3A1F4EEB511AF5A13A1EE4F~-1~YAAQFmvcF6ETJH6EAQAAVsGLvAi1WkD9lFoBJs/vfK5/0psS75UpO4l1GG1Nh5VyujJcIa+fAptsSutr/aa0IGGbEJ9MxhT47khF0uqZirX0p5d+m+hoXP1GEy80tqThjxY6UhoogDhP2OZ1bXIl7YIQSmKwA99jiMpcacL7NkwPJK1s6NZka6kSCkVMwUdt0U/0f/EgAbxQfgHVuVLzHXeSoiRFj/FoeOS4PMLoUfcPrXQxAa2gKQAvFskctvJVSuTQdji/1ET09SF5kErDe695cWSeCIfwT6LeEBhg+jh+303Jl163Pka2bPBRZQoSJ8EfTs4j+0rUTLABsFFY9R5XM+uHUPqYRYsLcKmnap+qU/znHilkLjeR3TGjWYcPvlr6p+E\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d09DA911A6F83803DA7F830F1FCFF1EA6~YAAQFmvcF6ITJH6EAQAAVsGLvBGRNGHdaLv8f1KqcaIV2calieimqwWz1/cJ6Cq24uaiAdy53i9pr6qKca7Jur7mypw/6J+CBROstR9/zpPRv0AVWfjffTKaoHt/D4ZkPwj1NzVKtpd4MnuFU40hL8DY26S6IOOrEY2INX+HNNOcACOIU8whx3/wU982ECS1ZBUiyr1qJVXQGQo+d8HEeNbITxUQtN5DMkUcnLr/bu6+fMgOem4Puiz5T3kfI8BNaHKJDzy6Okh4EKeA4STfqB0DnVDwRkKv30sV+DUb4uaP3g6dF6mLG20FjxyN~4272432~3291446; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:05 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d94",
    "origin; dur\u003d480"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["2a9314cf-58a2-485a-ad1e-dacae9e30d1e"],"auth_time":1669610042,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669610576,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 04:43:06 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKed872503-bc16-4ea7-af84-03ba600b77a0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843c5907e78fe3",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 04:43:06 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Y3XMPwUox1BBVNzhDESqlsZOwG26HcHOeIOfWO3Vfcg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB4CA4486B3A1F4EEB511AF5A13A1EE4F~-1~YAAQFmvcF6ETJH6EAQAAVsGLvAi1WkD9lFoBJs/vfK5/0psS75UpO4l1GG1Nh5VyujJcIa+fAptsSutr/aa0IGGbEJ9MxhT47khF0uqZirX0p5d+m+hoXP1GEy80tqThjxY6UhoogDhP2OZ1bXIl7YIQSmKwA99jiMpcacL7NkwPJK1s6NZka6kSCkVMwUdt0U/0f/EgAbxQfgHVuVLzHXeSoiRFj/FoeOS4PMLoUfcPrXQxAa2gKQAvFskctvJVSuTQdji/1ET09SF5kErDe695cWSeCIfwT6LeEBhg+jh+303Jl163Pka2bPBRZQoSJ8EfTs4j+0rUTLABsFFY9R5XM+uHUPqYRYsLcKmnap+qU/znHilkLjeR3TGjWYcPvlr6p+E\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d09DA911A6F83803DA7F830F1FCFF1EA6~YAAQFmvcF6ITJH6EAQAAVsGLvBGRNGHdaLv8f1KqcaIV2calieimqwWz1/cJ6Cq24uaiAdy53i9pr6qKca7Jur7mypw/6J+CBROstR9/zpPRv0AVWfjffTKaoHt/D4ZkPwj1NzVKtpd4MnuFU40hL8DY26S6IOOrEY2INX+HNNOcACOIU8whx3/wU982ECS1ZBUiyr1qJVXQGQo+d8HEeNbITxUQtN5DMkUcnLr/bu6+fMgOem4Puiz5T3kfI8BNaHKJDzy6Okh4EKeA4STfqB0DnVDwRkKv30sV+DUb4uaP3g6dF6mLG20FjxyN~4272432~3291446; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:05 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d94",
    "origin; dur\u003d480"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["2a9314cf-58a2-485a-ad1e-dacae9e30d1e"],"auth_time":1669610042,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669610576,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 04:43:06 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-11-28 04:43:06 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4
2022-11-28 04:43:06 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4
scope
openid
2022-11-28 04:43:06 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
sub
8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
6G9hyhLttHRa77NK320s
iat
1669610586
exp
1669610646
2022-11-28 04:43:06 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjQ2LCJpYXQiOjE2Njk2MTA1ODYsImp0aSI6IjZHOWh5aEx0dEhSYTc3TkszMjBzIn0.qhE4g2B873O4oelb4FkyLbCObAa-z50DkzNl4LE2CERKzJop1GJlFzqzk2uPhOP7TZOilD-zfdLwvrXUo3aedzg34lVMMfjZrdPPHBi84bU4oFs8B27mvfQJXtBAQvUyUUl1P26kU2Av7HvmpIFtLtL_FsnKWMJpeyCgFb3v8qgsSlDiyQ1kn5CXbZ56Y2b7N9T0UP2RE28wveGu0LurTd32jrEvzYly3S9_-Rm_UdtDxBJYLmzrG5xpnorHJnKXKKxsEp9z5Wrlzdj7IESFHHmpsypJyKloTVkA4L2EjbwQumD9xnCPIzs4Tr_ZsF8PaAZiVngqwOOFjYN37xF4vw
2022-11-28 04:43:06
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4
scope
openid
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjQ2LCJpYXQiOjE2Njk2MTA1ODYsImp0aSI6IjZHOWh5aEx0dEhSYTc3TkszMjBzIn0.qhE4g2B873O4oelb4FkyLbCObAa-z50DkzNl4LE2CERKzJop1GJlFzqzk2uPhOP7TZOilD-zfdLwvrXUo3aedzg34lVMMfjZrdPPHBi84bU4oFs8B27mvfQJXtBAQvUyUUl1P26kU2Av7HvmpIFtLtL_FsnKWMJpeyCgFb3v8qgsSlDiyQ1kn5CXbZ56Y2b7N9T0UP2RE28wveGu0LurTd32jrEvzYly3S9_-Rm_UdtDxBJYLmzrG5xpnorHJnKXKKxsEp9z5Wrlzdj7IESFHHmpsypJyKloTVkA4L2EjbwQumD9xnCPIzs4Tr_ZsF8PaAZiVngqwOOFjYN37xF4vw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:43:06
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "987"
}
request_body
grant_type=refresh_token&refresh_token=n9ltRr4rL3OM7wuOrj3h-uhdlcAv5NZC99TY6QMrp-c.BlV5oml4Xts6sSlJ_rWSzrmlS7fHGPuoG4B3w8Y5K5wMBt_PshaMf-Dyu_Ymyh0G5SpbdRTAtDgqM-M3b7WYWw.M18xNjY5NjEwNTg0XzE4&scope=openid&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4YmU1ZjY1Zi1iZjhjLTRkOGUtODRiZi1jODI2M2NkY2IzNjQiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiOGJlNWY2NWYtYmY4Yy00ZDhlLTg0YmYtYzgyNjNjZGNiMzY0IiwiZXhwIjoxNjY5NjEwNjQ2LCJpYXQiOjE2Njk2MTA1ODYsImp0aSI6IjZHOWh5aEx0dEhSYTc3TkszMjBzIn0.qhE4g2B873O4oelb4FkyLbCObAa-z50DkzNl4LE2CERKzJop1GJlFzqzk2uPhOP7TZOilD-zfdLwvrXUo3aedzg34lVMMfjZrdPPHBi84bU4oFs8B27mvfQJXtBAQvUyUUl1P26kU2Av7HvmpIFtLtL_FsnKWMJpeyCgFb3v8qgsSlDiyQ1kn5CXbZ56Y2b7N9T0UP2RE28wveGu0LurTd32jrEvzYly3S9_-Rm_UdtDxBJYLmzrG5xpnorHJnKXKKxsEp9z5Wrlzdj7IESFHHmpsypJyKloTVkA4L2EjbwQumD9xnCPIzs4Tr_ZsF8PaAZiVngqwOOFjYN37xF4vw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:43:06 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "x-backside-transport": "FAIL FAIL",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK0d5012a1-a69e-44bb-8d94-b330b5ec59cf",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c5a371c8111",
  "content-length": "157",
  "date": "Mon, 28 Nov 2022 04:43:06 GMT",
  "connection": "close",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:BhYxiluhGqm22yJHnldtp8GgGH+A/7xrpgztbsbVmXs\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d27C7C736FB64ED211EA97B269D6479E7~-1~YAAQFmvcF7cTJH6EAQAAz8KLvAgD8eNgDzBsT+ylFA+6U80VZE6pPsdX02jhKRe6fFjye1g3RFEEvGWp41nR1qtg6nM8h192x2XZNSCqUwavEsU6MM+RHFHbqDo78xrXWUx6A7XrDoi2JqSMIn9JOpNUO7Kq7Vhr54QSSZTBBn1r5EY7vDDJTsf0sbwPjCkOqK2mfmCPjyJn1LECo/+P3L9HiCQRCFRF1ZabSv+XPQ8IFAcEYod3QUC8RT84b5vMpgCRgB8/I0n2Xw5LEDHjc33ex/MR+Jws+nlWxXP/P+eqnySf53xqlfY9+n/76/ruMp/aUeYejZP93ngohqA2nFSfCdlYejBYgnohswY6S9fpBj2Hs5nah7AQGbXP1nswQu0ti1Y\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD73BFCAD659B3D5F013958C1C4C61B8F~YAAQFmvcF7gTJH6EAQAAz8KLvBHEkv5XdNbWgEfzOXkyssmFeBxPx+hKkqnzxlEWpH7xw0HHitRxD8L6JshtMg5/V2YTj36Og3iNk+YzuCYyCyk6+TdKUB/VZBh0KU00yeo8wR0nhlAduqU/vrE6IJ3loUXczHfWM5ltSCK76utTnLYSTkgGlm7MC420aXW74ycqFfHleg8LDVrXBwO8FSQVBAucptKtVaJgH+KMWekUvHHz/PMmZHlavJLIlebGreRqcbmKnHrQPsvYg84n81/4tXJV2j/cIE7YIRx67qY1C8pk8Qsz8CAEf60J~4600884~4469572; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:06 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d113",
    "origin; dur\u003d169"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."}
2022-11-28 04:43:06 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance.
2022-11-28 04:43:06 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-11-28 04:43:06 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-11-28 04:43:06 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 04:43:06 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-11-28 04:43:06 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-28 04:43:06
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/8be5f65f-bf8c-4d8e-84bf-c8263cdcb364
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer ZmlgtNvqRYagzJmS0HH2dHO9US37zMllQY8ONYSBnWQ.eHX-nyA5vnmqdZtmbMHckwF_927V8yeYoDqLMq1iA1CrxMcdmyuuhwi4LtfhcDmYYjcWfPa2gGMjwo3Qnyw31A.M18xNjY5NjEwNTI2XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:43:12 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK3724dfaa-b80e-4c17-8975-9fcbc2e11018",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c5b218af865",
  "date": "Mon, 28 Nov 2022 04:43:12 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:XYKELVhYHDwgwOgdo1oE/oPYsyQ9hvG29WCM5THPE/Y\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3C9D8AC4F7487394AFED27EEFC7362DE~-1~YAAQFmvcFwYVJH6EAQAA3NmLvAhMNVOB4zAsUxbBX757Y3ipxncvZd+2hmQgNt3QLTs1eVlVkgGO4npCOVxndn3YnQ4KGfqz+4AUVFuAuQ9+boN4htViucjtRMomjxWjBhaMWbT/zInVsfnpz89jMbG7wbmxJmCWb9Kz5rTh9DPDGugMUSypIo7vvSSgMix8R2SAyFiyPUnhQQ239gVsPjVgw42xqPbHhnRJJZnb1cwKiT4uTrX/b9qROC0efkWcG6K+IgVIZ12M4zk7JtLXY2YAoQLKgRMhePhBBv4NE65VnL6siinLtbzxUQmAdnaZ2ur8DJ4uZP3DtsBnPOxHYEi+0WgJDIdUF1PY7wgWQ7qJYtavzZN4bo1Y3y7MptoaJzYD7RQ\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:12 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d89C0DE647D03AE9ABC5FDF962FB29F36~YAAQFmvcFwcVJH6EAQAA3NmLvBE2tar4omFI17TTYyia/zbUc2RMlv3GxG0LW4DvyHCfffbPiok3WsmPXXT1xcgBoJdo4P/WSWBvq3R+8yljS9ngJDJShp3iuDyEFwMXuyeQI858ZYyfGAQdKoMKFAXQGsIfcA7SjjidSTnvPjAMVjYB+i+EFfg5Ynn04KRH0XAf+QQV76FGOhVjk4sELTKw+/bTl8rtGeSkUOpRAkPNOqcZvk1YaWML7N+76tXLpuTnC6BFJEyT1e8xQyvlYHkDdHRSKDVg4oJ/78tvYBZ3dpYcXfGGMGHdjEzh~4600884~4469572; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:06 GMT; Max-Age\u003d14394; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 04:43:12 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-11-28 04:43:12
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/2a9314cf-58a2-485a-ad1e-dacae9e30d1e
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer IKqavTJPMDIhhmVZAgmDek5Q19-honKdMuv6iHrJs3s.qvsCtGZ_HhtPPkXQ3zm_vDTVjzNis0s51Trgy_KVAgRoO4aWlZuZyLPcJdeZpCBLNEPFmEBk5vTXSg5lTZJyXg.M18xNjY5NjEwNTM5XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:43:14 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK5b141b69-798f-4bcd-b2e1-26327c696b2b",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843c60371c91c1",
  "date": "Mon, 28 Nov 2022 04:43:14 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:wCHwBbyquKE58ZwmjMZ7YNEv4NxU5aWDID7OoHhkUDY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dABC0BF9ADFC0EA4AB1E85B13784F0593~-1~YAAQFmvcF38VJH6EAQAA5+CLvAjGifE9lCEuVeoTADKXdSdSZvnSI1V0EspnPQKIgHqO9PW+J7Qj4Czpc43vC2LqVN9VD3qvJRbtea1vTtABQdtoEEPSpoFncpxNEGr7gqBtptRMDh+mG1KnMtjCyouCWzFmqfTEQ299hjOFrZrMmeY+jfFCsMeQPIjWR9zTf1IkHFeREfzsfH3jhSaUYS2FYXCrN5fBl/JkADFH72I1kjimgsEPTftV5YwEyD34OHHGoAgjaIJCWamiC92cFD3DlSnJRDyhxjP+0r3U99xrAhUClUF+/nnhPh6v8c1QbOn5g5lIRAyi28grR7K8H3OKuKislZRmdAU+/tuxD9J7ZDfmh9BK7MADBN3GZGR376vWzcg\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:43:14 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dC7DEA9C867B2793B5356237FAC0CD4EA~YAAQFmvcF4AVJH6EAQAA5+CLvBFLg2b1jopZ1pmLYkJKXC05wWyKyGNDd2D4DPBujgfMQEo2eNTf/gWyg7PQu/61ZJFHQRiTixzw69sqQhjkjmcdUffm+BdpuNLfrrXnXrLFCpvw+g4bSfSVx/eoSTJOejPa+kWMdRnLYwxbMISWaIAQHne8rKi/fJ4Lsm+3xsZVKNcPk7vu50Q17FSPln+7vvW08sbhg08GGW+ANMK6QTHJmdOzeyK9sfon5bX2chMBJoSRQ6oVlZXc6iSMQNATR3uLThqec66Dl3KUM5VKD4bz1wOuVGBar7GN~4604214~3687235; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:43:12 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 04:43:14 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-28 04:44:41
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
yvHmKuXcIy5tlEE
Test Results