Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-27 17:09:04 INFO
TEST-RUNNER
Test instance BKM0UhVjklHUbnx created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
rdCLwWmseshp4
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token
2022-11-27 17:09:04 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 17:09:04
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:09:04 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb9089d0a-1de2-4cfd-b52e-54913afd47e9",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638399b0351106a1",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 17:09:04 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:YeQpOzV2ek2f3obRyfGO96Lv8MdZ5OmQ8tu4Df87DOY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4BCF3B83651AF64CDCE37E2BBB277715~-1~YAAQXXYGF8C2xYSEAQAAhloQughkQnsEh/gZL4GqyjVOMv3LCDwjk4kwDpE50zDpCof17ql2iLEfBOuPti1AJclLxxVpicxbSld5GQM0FSaXjIHVoF2qdyGyTSftVNvj9aBrbPpYZCt8foi6HaRqP+iUnzhCtmluJKqOitu+URVyvQ9QMWsz0dYmwPvM80XsiBPwSTjVOuNhmbUxtRwakRb5U7OtVsPdRueh3en+Ty4UkMSnEXzL6ibyFo5ybKBieRAZXNTL/L74/Cche9x6olTieDAfsipjtuEQ/GSPdZz/jbSQYOMzeUkDEkfYjtHFTYnh4xkm5B/qsGEZBS1YwvpZ8JJvSzT19vgMqxmgU0CbDkEiQHHfzPRHQEKMQw62m0NVKO8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:04 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d34A673A95133A602FA1C4F4E8B11B92F~YAAQXXYGF8G2xYSEAQAAhloQuhECYLmN9G2jpPVjVqIl+z3MwFWJz54LbOcQ53VV/+fHJpY2WLVDrQA+VLEYmcOEe4haSlemXs4K81XXc62XjyxbfuD0FZvh6+PPzjU3SAYr3fRXSOYe/DrRPsXJO8Bim5uOJyfoQa8/udEkzpmBL6uOwkKHVj83t4OPBHkokxS9Q4fF8r4O23SZSgbOuGsxLoRgMudbZ1ylBtN3qlE+DpHwzAF9ddxJRrsY8yJJFc83Jr+Ul1K+O21pH4KzQ5OCg4X6psmjVQeiwnckjsWY96ZQC+yaCKoMF1Fp~4536385~4342850; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:04 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d113",
    "origin; dur\u003d97"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["realmName","groupIds","family_name","job_title","uid","email","name","upn","preferred_username","given_name","tenantId","employee_id","mobile_number","department","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-27 17:09:04 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "realmName",
  "groupIds",
  "family_name",
  "job_title",
  "uid",
  "email",
  "name",
  "upn",
  "preferred_username",
  "given_name",
  "tenantId",
  "employee_id",
  "mobile_number",
  "department",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-27 17:09:04 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-27 17:09:04 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-27 17:09:04
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-27 17:09:04
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:09:05 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKe88b870a-87a8-45d3-9da1-4bc9750b729b",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638399b020433915",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 17:09:05 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:LA5Xpo44GYbOXhQakGbfVGJOBU+MdvtZQ1rIxKd3ERo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d7743F9EDD66F3572E314E90908021370~-1~YAAQXXYGF8i2xYSEAQAAg1sQugg6cyY+zXVbhdIuK30vq6QgiPkFrVMLWKhBNOP1GdaxH1HtwqI558/dXu97GsWcWCyP6qjFPVSi5Ni/0XDgdGGW0gHTj+aK62hFpvP/KKcKtGSRy2+30xSQ9lxlFpZcUzPF28/jxSjj5Phgh+JeE/p9VRh6Py3+16bFknuCWCVb5qDZ8rKMK/Xx8VOCS7jKoUYJiPgK+HKCHA79HPUojkb962ACym4Gy6DL5CBouOx2MBu13hJ+MyNrL0s4DUVVoNboAA9E/JGKn145oKMWKk9fhFgqu4sj3aoVN92vpzaeOsYQOj+DvqBVPP4NxXgPXRs7Fav0ZezUwn/wQaGdXaedgFkJWCZ1hwMlk+Tc7/QKgv8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:05 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dC0DA18C96D1FA7EBCF373EE90A017276~YAAQXXYGF8m2xYSEAQAAg1sQuhFJrOQCXhBFYu8/ee3viTKL1lNp0jYEDbi5nsTXFQUjzyCijr6Jmbkta+twZrOaw1Xe5H+s2XZq/lGR5j5KM/Z2iKn5DwD4UFg0anI0Jm1Lobp+y/3R/yU/RxhNADMTsT2MTsb/Jk+bBZ+yToiX5TzFir5lopl29f/y09SHf09+G+cBYpn9RGsn5tEDPXaqs1B+M8ytTnx0qILwulEHmhAdvk575GKj4+z6/pLpXUbSjgwFJ7A5V5PcZgkqfXm8MCpo7rABqzgTjnXNJd+nkeB6C/cGkEFU6jC1~4536385~4342850; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:04 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d92",
    "origin; dur\u003d92"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 17:09:05
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 17:09:05 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 17:09:05 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 17:09:05 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-27 17:09:05 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-27 17:09:05 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 17:09:05 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-27 17:09:05
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 17:09:05
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 17:09:05 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "8cZ11R7F3Y9xgz1egXUl1_2n3HLt2oKEr4u8ARMfSCxQU8yyXQ470DkJjf8LywI-ktL1uNJ5jXxkGIBkmG5wKSallrdQXWULUi3ZBHt3wNafBX8GOCiZi93spmqzyn5XI9eh21n_pw9jESt9kjeojZLOVaDyk5JZZtbMwYauUXc",
      "kty": "RSA",
      "q": "1n5OqTyROJ0QJH6nkr5bvHjkjkmoOzc7x3CcsyBjkIgKBc6d2OFM5lMwxztgOcPhxGQIlqETgWeswWXuJ-q-rWytrYfBKzH1VPcAIIYqNuxHr-Nj3oqDFg7zOq4gxAQ4b2bqJxck-nyJF5IJpbo3Ov4_BDpy5EtoFGQ2wkdMOZM",
      "d": "MoKS4mXRZXyDsjc8OOVX1lTmaxoH6GbPg4jV1h1Mdy8JFqEKaTmP-OQbCmwrZDhRf5QpMq8xckQJuQ99WGu36dElC4HjiYbXTVT68bEvsUWaB83Eegbep9Pu52UyF-ZD-fvyiIwekL1an_R6HjAqMGT4aoKEaz6acBGdg9lwEcs1KZq9BTn3Pj7swUmIf-3wb3fW9ttueghbxn89nGhb5yggMOYFJ4seiFyQ7ovgDaYTuOMpj2t5ZTRETuk67kuG7M7tmyHFNrkAYgh5YBPSO5xTzOEveMzJ1JV-pm7qCdKrcOQB0u2ALr3oYpxSjAoIDtwXJeayWhQU-M5p82-KPQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "r_QkqZ7_PviwzwiGaXrdO9C-hd0qyhHV5mX9sFtpEU9U8fmu5XuAu7Ja0YCYsKK4_e8exAPaLMRJIBQ-BOqVooVhuBiL1cGzRZv2YpqIbd3bYzbAzrM0ilj2UorbHCo6isGzKc_kT2NK0U_L92sYltrE_8NxsEZcpzlowyoWI9k",
      "dp": "Q69Gj4pU5EjjA1Wr3lwYYxY85wc5tUFyud5JnJdo24CkYEFe8ZQphIpjNWBgQc34DIyIg9xQcR6Quxc-kjngpnSOSNo64lqGR9RT--BAzziGPjioWhJroe9X7-LRQHAMHxmf01OnsXIqTsU5GzT_t9qQbwJmxo9i_dpGais1I9M",
      "alg": "RS256",
      "dq": "F5Piya-itvps39YcTYEnTFxto0Zte7TimVXDo90XlLefgmvn5gM-FMNoRT49oZvqoU_tscEbB8qBrvCpcTHYq--aV8zoavse4KwWE30r_sWSS79PJxNKvY3_JqAlceaU3YoOiyV8JxyxZSnkbZc-ovl3q9tQ7c9sLXGmo0x7EIk",
      "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
    }
  ]
}
2022-11-27 17:09:05 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 17:09:05
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-27 17:09:05
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx
2022-11-27 17:09:05
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-27 17:09:05
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-27 17:09:05
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
      }
    ]
  }
}
2022-11-27 17:09:05
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-11-27 17:09:05
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ]
}
2022-11-27 17:09:05
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-27 17:09:05
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-27 17:09:05
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-27 17:09:05
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "785"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-27 17:09:07 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK720f6718-ee3c-4766-b500-af46c55c9e35",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399b1351109a1",
  "content-length": "1453",
  "date": "Sun, 27 Nov 2022 17:09:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:cVnK+WCnb1SRD3I70xZDTtAOSleq/6gl8hyAkINq65s\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBD881A319238B3023C5E4AF5A0DB0385~-1~YAAQXXYGFzC3xYSEAQAAEmcQughCP+DQnUGEr8oJdstjCtcfAvKqva+vOZXQ/WlGqgO3HsjaTHJPwT1c8FxEkZMYNpP9I2nWZjfgLoCFB85Cty7azEn5ElOy3goABze4ESgw6UqGopCQtmPXP0bEsuDVHoeddwuBM4MqSkzo6vBycWgLXqTwfLpgKIfVZtonjVprlcvHnwnbeB4S/sm/GVssLTpaI1g1IG58wRHqzoaGuYYK8JzSWtTi7UqPCZaGqEdFZAUQUbmVK1SZE0Vb7Gk111aAQEoadyG/TwRZiJXMdGHERtBAK6p8P+lwiP3+NHlV4XG8lmLZGvmWhdaMXaIFJsxF+ismIABLx565xxQVRb+slafIj1L2H1xNx4Xsyzp4CC8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF4389003BEF9527B7422568380D07643~YAAQXXYGFzG3xYSEAQAAEmcQuhEMevsC9G28fdrDbUlAb40a6hdkwoYLkdXW6WTUR0yTu9p71sIUDxZuat7uDml+GMVHoJptFpfkgpBPQcyjDHOwLj4xrpQO1tUkXV3Q4w/3/jnSrRGRAP66M3tF9k2rsRHoWDy3MfgvSxcxy3TiZBYW4zWc6r8uSykN4xS7VT+slFp1BXFA8l1NlsmNNaWk7u4+AKYRrRfIazv/yz1fVNGdHQ+0xxesaN80nnrSzPNNv6pjvq5Z+ohFKcTRp5bjylns/x35iJVCVy8GIMO75jbSWBZZdrjtjPOF~4277296~3158072; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:05 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d105",
    "origin; dur\u003d2648"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"d8685040-49f8-4e3a-91c9-9ac58967391c","client_id_issued_at":"2022-11-27T17:09:05Z","client_name":"Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx","client_secret":"O4oa3OSkRc","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"YcWZdbYzAjUFb0ZeaXSd05oKXYu2ffLHeKvUEVaErKo.S4oiB_043c5-1ajqZpMjprj4PrR8Igoe6iX3vcYbTmtk3Udvleqie-vq0h-yyG6tIJFtdkA8A51rOVucJpMcUA.M18xNjY5NTY4OTQ3XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/d8685040-49f8-4e3a-91c9-9ac58967391c","response_types":["code id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
2022-11-27 17:09:07
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK720f6718-ee3c-4766-b500-af46c55c9e35",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399b1351109a1",
  "content-length": "1453",
  "date": "Sun, 27 Nov 2022 17:09:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:cVnK+WCnb1SRD3I70xZDTtAOSleq/6gl8hyAkINq65s\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBD881A319238B3023C5E4AF5A0DB0385~-1~YAAQXXYGFzC3xYSEAQAAEmcQughCP+DQnUGEr8oJdstjCtcfAvKqva+vOZXQ/WlGqgO3HsjaTHJPwT1c8FxEkZMYNpP9I2nWZjfgLoCFB85Cty7azEn5ElOy3goABze4ESgw6UqGopCQtmPXP0bEsuDVHoeddwuBM4MqSkzo6vBycWgLXqTwfLpgKIfVZtonjVprlcvHnwnbeB4S/sm/GVssLTpaI1g1IG58wRHqzoaGuYYK8JzSWtTi7UqPCZaGqEdFZAUQUbmVK1SZE0Vb7Gk111aAQEoadyG/TwRZiJXMdGHERtBAK6p8P+lwiP3+NHlV4XG8lmLZGvmWhdaMXaIFJsxF+ismIABLx565xxQVRb+slafIj1L2H1xNx4Xsyzp4CC8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF4389003BEF9527B7422568380D07643~YAAQXXYGFzG3xYSEAQAAEmcQuhEMevsC9G28fdrDbUlAb40a6hdkwoYLkdXW6WTUR0yTu9p71sIUDxZuat7uDml+GMVHoJptFpfkgpBPQcyjDHOwLj4xrpQO1tUkXV3Q4w/3/jnSrRGRAP66M3tF9k2rsRHoWDy3MfgvSxcxy3TiZBYW4zWc6r8uSykN4xS7VT+slFp1BXFA8l1NlsmNNaWk7u4+AKYRrRfIazv/yz1fVNGdHQ+0xxesaN80nnrSzPNNv6pjvq5Z+ohFKcTRp5bjylns/x35iJVCVy8GIMO75jbSWBZZdrjtjPOF~4277296~3158072; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:05 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d105",
    "origin; dur\u003d2648"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"d8685040-49f8-4e3a-91c9-9ac58967391c","client_id_issued_at":"2022-11-27T17:09:05Z","client_name":"Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx","client_secret":"O4oa3OSkRc","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"YcWZdbYzAjUFb0ZeaXSd05oKXYu2ffLHeKvUEVaErKo.S4oiB_043c5-1ajqZpMjprj4PrR8Igoe6iX3vcYbTmtk3Udvleqie-vq0h-yyG6tIJFtdkA8A51rOVucJpMcUA.M18xNjY5NTY4OTQ3XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/d8685040-49f8-4e3a-91c9-9ac58967391c","response_types":["code id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "client_id_issued_at": "2022-11-27T17:09:05Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One BKM0UhVjklHUbnx",
  "client_secret": "O4oa3OSkRc",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "ypMweHO88CkARxuAOq2voLLrNgoa08ElboeooRjG95xeJen9X0vrzD2JEjUS6kQ8uGKFTPFCnph-aVOdzapv2Uo5UR48fk5f-SyLCBn2-8ZWd7egfwK4jspK15lA6___gKokYmy9gsOI1Suhmz1uyKt2cX_9tYIKGXlT2jJpi9jYlvtVs-KFvE7xqot8-8HhH68nzmej2xo2hHQ3HhBQ_zzHIP7ff7atvDr61iPesqPFAJ1QEkvaV3kJ81Gi94sRbDRlKWx_Fpc8vX8iKe3T-JUEJCgz1qGJvh3DnLtvhK_V-Z9-ZCk1EAFDbYhNTavGAuZvvhEkOKhKgdSjVpBGVQ",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "YcWZdbYzAjUFb0ZeaXSd05oKXYu2ffLHeKvUEVaErKo.S4oiB_043c5-1ajqZpMjprj4PrR8Igoe6iX3vcYbTmtk3Udvleqie-vq0h-yyG6tIJFtdkA8A51rOVucJpMcUA.M18xNjY5NTY4OTQ3XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/d8685040-49f8-4e3a-91c9-9ac58967391c",
  "response_types": [
    "code id_token"
  ],
  "token_endpoint_auth_method": "client_secret_basic",
  "token_map": []
}
2022-11-27 17:09:07 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-27 17:09:07 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-27 17:09:07 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-27 17:09:07 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
d8685040-49f8-4e3a-91c9-9ac58967391c
2022-11-27 17:09:07 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/d8685040-49f8-4e3a-91c9-9ac58967391c
registration_access_token
YcWZdbYzAjUFb0ZeaXSd05oKXYu2ffLHeKvUEVaErKo.S4oiB_043c5-1ajqZpMjprj4PrR8Igoe6iX3vcYbTmtk3Udvleqie-vq0h-yyG6tIJFtdkA8A51rOVucJpMcUA.M18xNjY5NTY4OTQ3XzE4
2022-11-27 17:09:07
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-27 17:09:07
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-27 17:09:07 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-27 17:09:08
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-27 17:09:08
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-27 17:09:08 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "vhqLWzDFaVXCQCLz1JU0UGan7nakpENs12k1PoagfFpafvRIgzoaDhQbfYCa5PGZBEefAgcgefzI02ytIllHP1RD8yWbfqWOJDUwNPM2GmMfOgbEz4cmjJ6R9gCyXwZjI_ymordHbthHt55rjXSf5Nm9ZfGuiyvCzPpBiYXL55k",
      "kty": "RSA",
      "q": "uM-NP1oxXmQMpXVWgGdu33bHj1tiAVy_tSiQfiQ9c-32t5BRt03atO_A64J7mMXmKxaNET_EBN_AJTgDGn28Pi9rjSbPQ3o291ZrNnUl31mQmw1H_uKWyIJRuoEtAobZraXeHy-o2pbnDjujbuuYuFH7iFDDrEGRAiANRrd99ds",
      "d": "YLTNXacFDXnDpNx7g4oeGtpvhP97aBUgMkFVs41TtMR2yfsiK0CVYujE4B6C3W4mFJIx5fMMPJwyVdj6om80mNznnNowH1scIkZCWu9HHQ__l7hqGqc7Egx8ba8ZA1FkXHqav1kR5jZXHfVn8APmzR7FVgnqe6LgGAQMdUcLMY9Qrn3KOuX25bXCCghEITepBjXCYZMAAS5viphPOGoDGBnqAwBtH08ymxlpQHfu3N9udO4nby7RKWaUKjMfn0-7c8kKiwTu2Pd3SoeY1JOssDQvG7nBlI0_IbMEi3uB7QIzBxi8xFRULSEGdNrYLJwoI8_IMjeMUj4EVjofd4n3MQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "HH29lYheb9nBwoXMBQructQ8OCzSmpYy2U_jy_2eCat_VS1eunaw6ut8eu7ITwhQ02e2uu7HJzhjO4mCsVG8poLdaP4VnX073IckFJ4pHhHcKlxnc54ClSdeP3m7ruZLCEKCRkYheTjrbynPTz4xO5pbOP5q2ud-g9MZ4F4P-wU",
      "dp": "YjBfrjggnul2rZ3gBvsRzD1Zm6eYHmfc_d4PbD4pAlHA0DXohi8qaf8ku8wDNSE8gaNkk62OrrNMHzfQrR8j16f0eNAB4oYsRrNaNN8yIKr15Ai--tm5pYP5q_BsMPyhlGLYxs6XjL8VO9gNgUCtnYyBcPhFyQhPU4Qm-Zsr2HE",
      "alg": "RS256",
      "dq": "uJraRMYbOmZGG6Cx32FyZtWHUbO-mg3DkXoLm3UnzX2OTJ5kge3K4aH720RjoZ9M4w2LrAc-DoBSttrUfsnKF3PWwxBZSNXzwe0Y-zTZt9kHkVoa6If-hhtm-B3AkB2Totlkn1JEINVLx_PatRmxW6zIzMmgK5jy-GR73n-72rE",
      "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
    }
  ]
}
2022-11-27 17:09:08 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 17:09:08
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-27 17:09:08
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx
2022-11-27 17:09:08
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-27 17:09:08
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-27 17:09:08
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
      }
    ]
  }
}
2022-11-27 17:09:08
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-11-27 17:09:08
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ]
}
2022-11-27 17:09:08
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-27 17:09:08
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-27 17:09:08
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-27 17:09:08
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "785"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-27 17:09:09 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2b255f3d-4ccd-422e-af24-debeb035f511",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399b407abd3a3",
  "content-length": "1453",
  "date": "Sun, 27 Nov 2022 17:09:09 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:lXEiX9ftsrbxSriDO7Gmg9lAm7CyvdlGKOTyWlmM9XU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB92CBC7FC4D0120431F4B6998AB9C212~-1~YAAQXXYGF2C3xYSEAQAApW0QugixeQPl1Bp2n3RNlWEPXLQXZNGMh9T3/U67af62Y+CXc+IQKhim2t7f66vIrzuQRNciWX1cPqPBDYQLQ2wU0Hyk4WPZ5ewCshaezkZZo1tu9R5QDL3oLIddDXRao1ipIRLxN3ctFWHCc6Mu83w/62sYXH7ZC7Pqvc1v5e/JPdzkgT6/CtFDrdpn5M9h7qXyJrkU+++cQVNsOh9kcQh0zpzP0JPVM0jBt3OE7Y4lpQulymjY6F+WwKxXjSsE7sgyxgTeZkuJyYcdHSytsSqYQzV2GLnATF41uFcCqQzeDnV5eTuvwEuKfhrA/LsBzlA1pnghenTONggBetqaXL/fQ4fRzuIEL/erOzoNuL8AgsKulN8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:09 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD67F7FDFF4ECD67F1F4D99E00793DC97~YAAQXXYGF2G3xYSEAQAApW0QuhHF1ozI9Yd+bEk1Inz6+WrKXyxJ+O46x77Dt85BiZVTYUHI/uUTeR8XUCPFrJy7/3vCLNRjkmUcAQpJV5KzirsAQdQq7hmYIoyM/G0Vsr+gxN2slcEny/+40zh2piUofV/ikGxp9kCtQYDoBArKBNzXCVnBAiGsWy0gMdKK9juG/gOYwR2SLo+v5nmwIHrVmSz0BVTUKkeb6z+hhEYzb0C4Cl5TX8VA1IcZPs46xfsM9z99dvDvx/15KBWGCsxbjSrPdSrpnXPWfoJq7Wlqggbtwtf9f+cB1S6T~3162934~3422514; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:08 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d1351"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"7180ed1f-b547-407e-9b5f-b28ca220df14","client_id_issued_at":"2022-11-27T17:09:08Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx","client_secret":"ic50XEEz9c","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"tHSFpH3mZZ2JEb352Sn2eGibn0ckimF1kTCkO8uqf3s.yRBBSV3tQpjQbbVdSSPl4aJpa7RXShMIuouTyFp2czWiVfhr5ORu32hDcnNW9bA5sP3k8pVOJ9unDEUvDfPgmg.M18xNjY5NTY4OTQ5XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/7180ed1f-b547-407e-9b5f-b28ca220df14","response_types":["code id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
2022-11-27 17:09:09
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2b255f3d-4ccd-422e-af24-debeb035f511",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399b407abd3a3",
  "content-length": "1453",
  "date": "Sun, 27 Nov 2022 17:09:09 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:lXEiX9ftsrbxSriDO7Gmg9lAm7CyvdlGKOTyWlmM9XU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB92CBC7FC4D0120431F4B6998AB9C212~-1~YAAQXXYGF2C3xYSEAQAApW0QugixeQPl1Bp2n3RNlWEPXLQXZNGMh9T3/U67af62Y+CXc+IQKhim2t7f66vIrzuQRNciWX1cPqPBDYQLQ2wU0Hyk4WPZ5ewCshaezkZZo1tu9R5QDL3oLIddDXRao1ipIRLxN3ctFWHCc6Mu83w/62sYXH7ZC7Pqvc1v5e/JPdzkgT6/CtFDrdpn5M9h7qXyJrkU+++cQVNsOh9kcQh0zpzP0JPVM0jBt3OE7Y4lpQulymjY6F+WwKxXjSsE7sgyxgTeZkuJyYcdHSytsSqYQzV2GLnATF41uFcCqQzeDnV5eTuvwEuKfhrA/LsBzlA1pnghenTONggBetqaXL/fQ4fRzuIEL/erOzoNuL8AgsKulN8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:09 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD67F7FDFF4ECD67F1F4D99E00793DC97~YAAQXXYGF2G3xYSEAQAApW0QuhHF1ozI9Yd+bEk1Inz6+WrKXyxJ+O46x77Dt85BiZVTYUHI/uUTeR8XUCPFrJy7/3vCLNRjkmUcAQpJV5KzirsAQdQq7hmYIoyM/G0Vsr+gxN2slcEny/+40zh2piUofV/ikGxp9kCtQYDoBArKBNzXCVnBAiGsWy0gMdKK9juG/gOYwR2SLo+v5nmwIHrVmSz0BVTUKkeb6z+hhEYzb0C4Cl5TX8VA1IcZPs46xfsM9z99dvDvx/15KBWGCsxbjSrPdSrpnXPWfoJq7Wlqggbtwtf9f+cB1S6T~3162934~3422514; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:08 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d1351"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"7180ed1f-b547-407e-9b5f-b28ca220df14","client_id_issued_at":"2022-11-27T17:09:08Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx","client_secret":"ic50XEEz9c","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"tHSFpH3mZZ2JEb352Sn2eGibn0ckimF1kTCkO8uqf3s.yRBBSV3tQpjQbbVdSSPl4aJpa7RXShMIuouTyFp2czWiVfhr5ORu32hDcnNW9bA5sP3k8pVOJ9unDEUvDfPgmg.M18xNjY5NTY4OTQ5XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/7180ed1f-b547-407e-9b5f-b28ca220df14","response_types":["code id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "client_id_issued_at": "2022-11-27T17:09:08Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two BKM0UhVjklHUbnx",
  "client_secret": "ic50XEEz9c",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "iT00g-QN1s5SFxgy9IGohPS-UCQZ1HFgEb9UlKWFn9KnCU6UHzaqxG_dXqZ2fAL38w1Yd88vkOmdjKNPt2nsbqHs7eknzf6Fys7C7IB2kHH0MOSTZ7JhNIV0X6eFII8EoMZzGl50mJP40UFfcAaZ5tSgGRitNO4wAsXCELosHidQ876HACcUKA8fEVfonxuiqw5L9Ct_SG95HLvRnUxIbFrexVzp6XBLzN1tNS9EMoSH2_dtEiSVs5Wf2-FS0mi2KOdogazXKpNmvG7MEahdeSxJ_9OxvRyHFdkH5uEXN65s9nMx9mCmIMzRjw1pY7Ld6BCPltqrGDc_Pd2mDsmM4w",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "tHSFpH3mZZ2JEb352Sn2eGibn0ckimF1kTCkO8uqf3s.yRBBSV3tQpjQbbVdSSPl4aJpa7RXShMIuouTyFp2czWiVfhr5ORu32hDcnNW9bA5sP3k8pVOJ9unDEUvDfPgmg.M18xNjY5NTY4OTQ5XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/7180ed1f-b547-407e-9b5f-b28ca220df14",
  "response_types": [
    "code id_token"
  ],
  "token_endpoint_auth_method": "client_secret_basic",
  "token_map": []
}
2022-11-27 17:09:09 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-27 17:09:09 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-27 17:09:09 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-27 17:09:09 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
7180ed1f-b547-407e-9b5f-b28ca220df14
2022-11-27 17:09:09 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/7180ed1f-b547-407e-9b5f-b28ca220df14
registration_access_token
tHSFpH3mZZ2JEb352Sn2eGibn0ckimF1kTCkO8uqf3s.yRBBSV3tQpjQbbVdSSPl4aJpa7RXShMIuouTyFp2czWiVfhr5ORu32hDcnNW9bA5sP3k8pVOJ9unDEUvDfPgmg.M18xNjY5NTY4OTQ5XzE4
2022-11-27 17:09:09
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-27 17:09:09
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-27 17:09:09 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-27 17:09:09 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-27 17:09:09
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-11-27 17:09:09 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
d8685040-49f8-4e3a-91c9-9ac58967391c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-27 17:09:09
CreateRandomStateValue
Created state value
requested_state_length
10
state
AnqK8KOWYA
2022-11-27 17:09:09 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
d8685040-49f8-4e3a-91c9-9ac58967391c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
AnqK8KOWYA
2022-11-27 17:09:09
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
YvXaPjCMsL
2022-11-27 17:09:09 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
d8685040-49f8-4e3a-91c9-9ac58967391c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
AnqK8KOWYA
nonce
YvXaPjCMsL
2022-11-27 17:09:09 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
d8685040-49f8-4e3a-91c9-9ac58967391c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
AnqK8KOWYA
nonce
YvXaPjCMsL
response_type
code id_token
2022-11-27 17:09:09 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-27 17:09:09 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "AnqK8KOWYA",
  "nonce": "YvXaPjCMsL",
  "response_type": "code id_token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=d8685040-49f8-4e3a-91c9-9ac58967391c&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=AnqK8KOWYA&nonce=YvXaPjCMsL&response_type=code%20id_token
2022-11-27 17:09:09 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=d8685040-49f8-4e3a-91c9-9ac58967391c&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=AnqK8KOWYA&nonce=YvXaPjCMsL&response_type=code%20id_token
2022-11-27 17:09:15 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 17:09:15 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/yGzfzYLAPUWDyiRBox6d",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/yGzfzYLAPUWDyiRBox6d"
}
2022-11-27 17:09:15 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance BKM0UhVjklHUbnx
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/yGzfzYLAPUWDyiRBox6d, returnUrl=/log-detail.html?log=BKM0UhVjklHUbnx}]
outgoing_path
callback
2022-11-27 17:09:16 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/yGzfzYLAPUWDyiRBox6d
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close",
  "content-length": "1278"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/yGzfzYLAPUWDyiRBox6d
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#code=n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&state=AnqK8KOWYA
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 17:09:16 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance BKM0UhVjklHUbnx
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/yGzfzYLAPUWDyiRBox6d
2022-11-27 17:09:16
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "state",
    "value": "AnqK8KOWYA"
  }
]
2022-11-27 17:09:16 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
state
AnqK8KOWYA
2022-11-27 17:09:16 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "AnqK8KOWYA"
}
post_body
Verify authorization endpoint response
2022-11-27 17:09:16 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-27 17:09:16 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-27 17:09:16 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-27 17:09:16 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-27 17:09:16 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-27 17:09:16 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
AnqK8KOWYA
2022-11-27 17:09:16 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ
2022-11-27 17:09:16 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "sub": "6160017N67",
  "rat": 1669568953,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "YvXaPjCMsL",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "c_hash": "_iciBfiqeVZQ7pHXNo1-UA",
  "s_hash": "TKHOn2SbWU7PAcxBfp1XpA",
  "auth_time": 1669568408,
  "name": "ISV Dev",
  "exp": 1669576155,
  "iat": 1669568955,
  "jti": "c0d6dd67-fe69-4c7b-b822-c14abc94467f"
}
2022-11-27 17:09:16 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
YvXaPjCMsL
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyJkODY4NTA0MC00OWY4LTRlM2EtOTFjOS05YWM1ODk2NzM5MWMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJfaWNpQmZpcWVWWlE3cEhYTm8xLVVBIiwiZXhwIjoxNjY5NTc2MTU1LCJpYXQiOjE2Njk1Njg5NTUsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwZDZkZDY3LWZlNjktNGM3Yi1iODIyLWMxNGFiYzk0NDY3ZiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJZdlhhUGpDTXNMIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NTMsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.VdAVMBJS6rYa5ZgjeavHApdKGgrSQvoeYPLLl1fDLbMWX6bAx_vuAt4OeYb3QUHSB1U-3ippqD8LB5e_kApsskFdNXWudtQ9uy-wv0xscqfnge0WCAXvhoXL1DVTJ1vFKqgqySaGMylT1XcK2OV9RMd8ZtZdamiLsrt2VXvQVzcQyF3m0jVAMnAxGfjy-BZpGPMhD6xbVtJMJk7TSvZzxoScp9lVPFl8k-KEU-WnHjF3zPbic2FjUTpIYk0gWNggB4dMpZ4ZkyPTZ9VPNApQute0KfleukNchPe9RK1DSgG7ccpRxiBvxGv_LwAbU-L-Tz1kdf4FsoqacLM8CmIL5g
2022-11-27 17:09:16 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 17:09:16
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 17:09:16 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 17:09:16 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 17:09:16 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic ZDg2ODUwNDAtNDlmOC00ZTNhLTkxYzktOWFjNTg5NjczOTFjOk80b2EzT1NrUmM=
2022-11-27 17:09:16
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic ZDg2ODUwNDAtNDlmOC00ZTNhLTkxYzktOWFjNTg5NjczOTFjOk80b2EzT1NrUmM\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=n1onLAYLmcmzPL-bCrX56O0gyyrxAU-7ji1B27bfBkA.d_FgL7dtXa7YtrRc0Yqqvz3PLJHlgynw-emQSIdg8Yno33x0AwhhHVFli_koPgKq6O9H0RSq0EFOfNum-hEdXQ&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-27 17:09:16 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK07799a53-fc79-4b01-8bdd-68ca21412ded",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399bc351127d1",
  "content-length": "1498",
  "date": "Sun, 27 Nov 2022 17:09:16 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:4m+QwSYvS/eZ3ZDYuNQz3kL7MCrIzUFAlaMfHyCwJ7Q\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD01628B3F6A8FAEC61379D280DFCD540~-1~YAAQXXYGF5O4xYSEAQAAZIgQugiS+sI8hqS86WDUaUtjPMEusrsYhSvZty+BdpQhbQ8KmBwTWomStKGa5m10PI1PC2MGOJrpSRHylHKa4McbfxsTKgcR2pp6X/ZLEdTTATi4Sb7QgcVpJRL0EzWq0Yys8BM6f2o5iS+DHO9P6SUyses1DliB+cBcEO6kXzbw78cClxqzlux3r8YJ3n92YT1jsLFq+GmAgQHxhVyIGyT4X4zS1Em1jQGnxxcOHYDOe/x5GMnpVAS134uxu5gWggWC4+AUC8iTfYqNoTxuCNXcd67wg95SaN4b2J502jIpK0mvoaocNxRW3JRvUWhPJw5rDfTu/pj8RYv4kEpaYa/jFdBTMioEXSEDZpESVDZyjwOy8gQ\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:16 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF7E03BED6DAF6EEAEBE52041E5C82CB1~YAAQXXYGF5S4xYSEAQAAZIgQuhF2I/x1kbEwmIAUwF+J8Fa7qqFEPIpn/Umagn14Sa5uX2uiOK+25V6w1/DE+Ea7iAFW7REeoCMU/C6F/QCQjI1h9zfIJzjTdO9O0+hrNomTFlOmW5iX0usq+Ug5UpE/jC/qlI7Qf/nnXcphsqzpshOllR3VxV37aaCpXfeP3M7HmdogL8IRDEA0aq3pSfdHsBY/ZWaWCvO9SGfscJ1ZhOq4JF4aWkgGQvt+6EBB/oESc5P+K0vGffCy4tLiFmZZh6HIiXl9fE6ctf1cptEO7/ENV0JFVebTImBZ~3552833~4408117; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:16 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d95",
    "origin; dur\u003d172"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"awdxzQ_XkxXj9Oan1N3JsCPNQgYNtOl_MlUfwKjZDLI.B55IS2NJhhSYFLV1hyVIQ_SAHq5vA4qvT9jwrS0KzqBk-1YvHopvkgSJXHN0TiQ_Zf2NHB3XFmoSk8Q4njH4Dw.M18xNjY5NTY4OTU2XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZS0NrLWRSZ3NLQzJNY0wtUWJ0bERnIiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NiwiaWF0IjoxNjY5NTY4OTU2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzU5N2MwYS02NDYxLTQ4ZWUtOTAzMC1kZmI0ZTE2NGYyMjUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWXZYYVBqQ01zTCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiQTZCYWFQZjNyZktNZ25rN19PUTB5USIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.CO954dQ3IC8sbZp6kbnehrVOPV3myhlR-kKX5-WA40a4utqW_JWIEHDejA6ZhqjDZQpyGDXLkYb-kBJvQTF_Nt3DMP-ilMcETJdbVfSFjzjiOlRkC0zYbiAmptir-siRy3_3fUb2C3yMA3yTdHzhFU4PZsrQ5Hf40lsxI7bLRhyD7Qwwp2MJ8kz_jrWt4ji_Bu-tU8moA5incWfFcwDvgT-e1yeQTQchdES5bpt7BcqjqoMU2j6GD7Ezg3QPBMD7EqwC3Pde068AbBhxl5M3X3nDtHwaxmXlcGKYAs4wo2gwrKVBP2G_ljCmlFjLTVKs0UePpQBPgwEsuyg5dOHhHw","refresh_token":"-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 17:09:16 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
awdxzQ_XkxXj9Oan1N3JsCPNQgYNtOl_MlUfwKjZDLI.B55IS2NJhhSYFLV1hyVIQ_SAHq5vA4qvT9jwrS0KzqBk-1YvHopvkgSJXHN0TiQ_Zf2NHB3XFmoSk8Q4njH4Dw.M18xNjY5NTY4OTU2XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZS0NrLWRSZ3NLQzJNY0wtUWJ0bERnIiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NiwiaWF0IjoxNjY5NTY4OTU2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzU5N2MwYS02NDYxLTQ4ZWUtOTAzMC1kZmI0ZTE2NGYyMjUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWXZYYVBqQ01zTCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiQTZCYWFQZjNyZktNZ25rN19PUTB5USIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.CO954dQ3IC8sbZp6kbnehrVOPV3myhlR-kKX5-WA40a4utqW_JWIEHDejA6ZhqjDZQpyGDXLkYb-kBJvQTF_Nt3DMP-ilMcETJdbVfSFjzjiOlRkC0zYbiAmptir-siRy3_3fUb2C3yMA3yTdHzhFU4PZsrQ5Hf40lsxI7bLRhyD7Qwwp2MJ8kz_jrWt4ji_Bu-tU8moA5incWfFcwDvgT-e1yeQTQchdES5bpt7BcqjqoMU2j6GD7Ezg3QPBMD7EqwC3Pde068AbBhxl5M3X3nDtHwaxmXlcGKYAs4wo2gwrKVBP2G_ljCmlFjLTVKs0UePpQBPgwEsuyg5dOHhHw
refresh_token
-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4
scope
openid
token_type
bearer
2022-11-27 17:09:16 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 17:09:16 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
awdxzQ_XkxXj9Oan1N3JsCPNQgYNtOl_MlUfwKjZDLI.B55IS2NJhhSYFLV1hyVIQ_SAHq5vA4qvT9jwrS0KzqBk-1YvHopvkgSJXHN0TiQ_Zf2NHB3XFmoSk8Q4njH4Dw.M18xNjY5NTY4OTU2XzE4
2022-11-27 17:09:16 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
awdxzQ_XkxXj9Oan1N3JsCPNQgYNtOl_MlUfwKjZDLI.B55IS2NJhhSYFLV1hyVIQ_SAHq5vA4qvT9jwrS0KzqBk-1YvHopvkgSJXHN0TiQ_Zf2NHB3XFmoSk8Q4njH4Dw.M18xNjY5NTY4OTU2XzE4
type
bearer
2022-11-27 17:09:16 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-27 17:09:16 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-27 17:09:16 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4
2022-11-27 17:09:16 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZS0NrLWRSZ3NLQzJNY0wtUWJ0bERnIiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NiwiaWF0IjoxNjY5NTY4OTU2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzU5N2MwYS02NDYxLTQ4ZWUtOTAzMC1kZmI0ZTE2NGYyMjUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWXZYYVBqQ01zTCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiQTZCYWFQZjNyZktNZ25rN19PUTB5USIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.CO954dQ3IC8sbZp6kbnehrVOPV3myhlR-kKX5-WA40a4utqW_JWIEHDejA6ZhqjDZQpyGDXLkYb-kBJvQTF_Nt3DMP-ilMcETJdbVfSFjzjiOlRkC0zYbiAmptir-siRy3_3fUb2C3yMA3yTdHzhFU4PZsrQ5Hf40lsxI7bLRhyD7Qwwp2MJ8kz_jrWt4ji_Bu-tU8moA5incWfFcwDvgT-e1yeQTQchdES5bpt7BcqjqoMU2j6GD7Ezg3QPBMD7EqwC3Pde068AbBhxl5M3X3nDtHwaxmXlcGKYAs4wo2gwrKVBP2G_ljCmlFjLTVKs0UePpQBPgwEsuyg5dOHhHw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "YKCk-dRgsKC2McL-QbtlDg",
  "sub": "6160017N67",
  "rat": 1669568953,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "YvXaPjCMsL",
  "rt_hash": "A6BaaPf3rfKMgnk7_OQ0yQ",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "s_hash": "TKHOn2SbWU7PAcxBfp1XpA",
  "auth_time": 1669568408,
  "name": "ISV Dev",
  "exp": 1669576156,
  "iat": 1669568956,
  "jti": "87597c0a-6461-48ee-9030-dfb4e164f225"
}
2022-11-27 17:09:16 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-27 17:09:16
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
YvXaPjCMsL
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZS0NrLWRSZ3NLQzJNY0wtUWJ0bERnIiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NiwiaWF0IjoxNjY5NTY4OTU2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzU5N2MwYS02NDYxLTQ4ZWUtOTAzMC1kZmI0ZTE2NGYyMjUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWXZYYVBqQ01zTCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiQTZCYWFQZjNyZktNZ25rN19PUTB5USIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.CO954dQ3IC8sbZp6kbnehrVOPV3myhlR-kKX5-WA40a4utqW_JWIEHDejA6ZhqjDZQpyGDXLkYb-kBJvQTF_Nt3DMP-ilMcETJdbVfSFjzjiOlRkC0zYbiAmptir-siRy3_3fUb2C3yMA3yTdHzhFU4PZsrQ5Hf40lsxI7bLRhyD7Qwwp2MJ8kz_jrWt4ji_Bu-tU8moA5incWfFcwDvgT-e1yeQTQchdES5bpt7BcqjqoMU2j6GD7Ezg3QPBMD7EqwC3Pde068AbBhxl5M3X3nDtHwaxmXlcGKYAs4wo2gwrKVBP2G_ljCmlFjLTVKs0UePpQBPgwEsuyg5dOHhHw
2022-11-27 17:09:16 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJZS0NrLWRSZ3NLQzJNY0wtUWJ0bERnIiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NiwiaWF0IjoxNjY5NTY4OTU2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzU5N2MwYS02NDYxLTQ4ZWUtOTAzMC1kZmI0ZTE2NGYyMjUiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWXZYYVBqQ01zTCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiQTZCYWFQZjNyZktNZ25rN19PUTB5USIsInNfaGFzaCI6IlRLSE9uMlNiV1U3UEFjeEJmcDFYcEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.CO954dQ3IC8sbZp6kbnehrVOPV3myhlR-kKX5-WA40a4utqW_JWIEHDejA6ZhqjDZQpyGDXLkYb-kBJvQTF_Nt3DMP-ilMcETJdbVfSFjzjiOlRkC0zYbiAmptir-siRy3_3fUb2C3yMA3yTdHzhFU4PZsrQ5Hf40lsxI7bLRhyD7Qwwp2MJ8kz_jrWt4ji_Bu-tU8moA5incWfFcwDvgT-e1yeQTQchdES5bpt7BcqjqoMU2j6GD7Ezg3QPBMD7EqwC3Pde068AbBhxl5M3X3nDtHwaxmXlcGKYAs4wo2gwrKVBP2G_ljCmlFjLTVKs0UePpQBPgwEsuyg5dOHhHw
2022-11-27 17:09:16 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 17:09:16
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 17:09:16 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 17:09:16 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-27 17:09:16 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4
2022-11-27 17:09:16 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-27 17:09:16 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-27 17:09:16 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4
2022-11-27 17:09:16 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4
scope
openid
2022-11-27 17:09:16 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic ZDg2ODUwNDAtNDlmOC00ZTNhLTkxYzktOWFjNTg5NjczOTFjOk80b2EzT1NrUmM=
2022-11-27 17:09:16 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-27 17:09:17 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-27 17:09:17
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic ZDg2ODUwNDAtNDlmOC00ZTNhLTkxYzktOWFjNTg5NjczOTFjOk80b2EzT1NrUmM\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "203"
}
request_body
grant_type=refresh_token&refresh_token=-SiFushSBqRtv19yrGu3iSVBPkRkkvqnZ9zEBnedsHI.eStevUx7wlmic3LXj4KfHRapSa8JhFjn_wTnXrhWwchTCZgQZ6gJp9veIE2iSP6BTvDrjaty4KLyJ3Ab8Whilg.M18xNjY5NTY4OTU2XzE4&scope=openid
2022-11-27 17:09:17 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKd0b77c79-a6fd-421b-9fe1-6de4c432cef3",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399bd35112d81",
  "content-length": "1425",
  "date": "Sun, 27 Nov 2022 17:09:17 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:KnZtwt1lwzsYtEp7eqGB3TK1eUGcnuapfFn3tzu1KuE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA5DCF32CD07120567192E9B2CB6DD32D~-1~YAAQXXYGF7C4xYSEAQAAro0QughlkBHUmFhG/b7nmMI6gMAS8fMdOftGnl0te7TEdLGylzf4EpS28bP1ntb8mqj0FmHBvTiMtsPfsLfhOsxykTTf7bAMs9LzpSvl6dX6czDkEcLgPDEdBPHYHNRHiDjgydnhjA8z0K4/0wtscyi63pjDCG4HZr8kN3Cb4Sa6tAl07rZRZW/1KbWRG5YcR6Iys30TiHseapvnngqHpSebta6OkQQNgNLLcc595IZmmMWwOmo2BOR+bfor9LkV2DbWZKIDauVNT3I+bEsKRW01dXPimLVhUpY2d9xUyWrxP1q96OaTlzrtJn0e72JaOzC1vZK1MyvUV8wDBiMisl0VdN00HU3emUUfssPSRCrZtTClp+M\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:17 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD2FC9AEEB9B94B09DF20459011D79C81~YAAQXXYGF7G4xYSEAQAAro0QuhGF1ysgSwi3LomCLkXS4sz1ZP7OrATnuVJOk2YR/psenABi3P3+j+X7P+TOcnFpvBDdY3pwOgB/a4/Uzc50l+NpoA6qIBNV1Tg6RaPr2M2mgllnX9/fQvydbDnIByV9rIN8U9vetY2fDlm2p+11jN3YDvMsg/kDlr51o8p79x0tX0dcFAdU88ceE4hL5cdtClIhgkr5TNT70B5Q2f/lBS2BNVAUGlWDe9KEmxPvbWwvrMBC7hgqdNvJHtAESWDMTT0coiGZqUfJnywNjQ9DO2J0abrwwBQd71/i~3356737~4272182; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:17 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d95",
    "origin; dur\u003d163"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"co_S7cbCssznDYh0Q3_qIQsE_wPOmenK4mYRbJG9F68.y5PVm069A1uYYrQgoUHSDIfR7GfPxxxjKDbx2oj-gJqZoAyJcPjHuQzTRlqLH9zmu3bchp_WmBNiNik6FoQCIw.M18xNjY5NTY4OTU3XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJHM25mYXBQdk5kU1Q5VGttSkpKN093IiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NywiaWF0IjoxNjY5NTY4OTU3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJlNGI4YzVjMS1kMDJhLTQxNjgtYWYzYi00YzM1NDdlMjFhMzUiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiNmVMNEUxa25OQUNqM3JjTHpHa0JqZyIsInN1YiI6IjYxNjAwMTdONjcifQ.afL-6pITjdZ1tDQqsEWONTpdo4Oj1pGv8lfT4d27DeInWX3IbXRZnUz3pc87-45biF4TdGshUC99R3cGpVnx_7-SD8mgKY8LoiWFKea9FrNX8m64Jadwmg8T-1njnY1xB7O3Ar2Y5im5SBDvNVORhvMlnbM8hNiB0WpgdHvBKduE28M0T0i2CTwYsgwc19lCAnVdbHOI7pOfUOmT4y8T9jwBGQeJ_POv8mUZyl__zXYyuReHj5ss1cFwAG8iA_76IKnfcWu1zupu1gP10QsPNMl_HMCt9VsMoYLTLFN4VRAj5smhBQlmg-n7Ma_pEYkJJGCZgaklvmVCFFwrdM1O_Q","refresh_token":"hVD2sj4L9TNMAP4gqRkWAqCnDXcVixfTPOs-CLfyXmQ.0xrioX2iEnMKhhOlbRt5Y7WARCvwBb-3NLpOt2qA6f-i28x1rCJq_eaJD0K2gC89UWkUgt3xl4qU69oblRWZWg.M18xNjY5NTY4OTU3XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 17:09:17 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
co_S7cbCssznDYh0Q3_qIQsE_wPOmenK4mYRbJG9F68.y5PVm069A1uYYrQgoUHSDIfR7GfPxxxjKDbx2oj-gJqZoAyJcPjHuQzTRlqLH9zmu3bchp_WmBNiNik6FoQCIw.M18xNjY5NTY4OTU3XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJHM25mYXBQdk5kU1Q5VGttSkpKN093IiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NywiaWF0IjoxNjY5NTY4OTU3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJlNGI4YzVjMS1kMDJhLTQxNjgtYWYzYi00YzM1NDdlMjFhMzUiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiNmVMNEUxa25OQUNqM3JjTHpHa0JqZyIsInN1YiI6IjYxNjAwMTdONjcifQ.afL-6pITjdZ1tDQqsEWONTpdo4Oj1pGv8lfT4d27DeInWX3IbXRZnUz3pc87-45biF4TdGshUC99R3cGpVnx_7-SD8mgKY8LoiWFKea9FrNX8m64Jadwmg8T-1njnY1xB7O3Ar2Y5im5SBDvNVORhvMlnbM8hNiB0WpgdHvBKduE28M0T0i2CTwYsgwc19lCAnVdbHOI7pOfUOmT4y8T9jwBGQeJ_POv8mUZyl__zXYyuReHj5ss1cFwAG8iA_76IKnfcWu1zupu1gP10QsPNMl_HMCt9VsMoYLTLFN4VRAj5smhBQlmg-n7Ma_pEYkJJGCZgaklvmVCFFwrdM1O_Q
refresh_token
hVD2sj4L9TNMAP4gqRkWAqCnDXcVixfTPOs-CLfyXmQ.0xrioX2iEnMKhhOlbRt5Y7WARCvwBb-3NLpOt2qA6f-i28x1rCJq_eaJD0K2gC89UWkUgt3xl4qU69oblRWZWg.M18xNjY5NTY4OTU3XzE4
scope
openid
token_type
bearer
2022-11-27 17:09:17 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-27 17:09:17 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-27 17:09:17 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-27 17:09:17 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 17:09:17 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
co_S7cbCssznDYh0Q3_qIQsE_wPOmenK4mYRbJG9F68.y5PVm069A1uYYrQgoUHSDIfR7GfPxxxjKDbx2oj-gJqZoAyJcPjHuQzTRlqLH9zmu3bchp_WmBNiNik6FoQCIw.M18xNjY5NTY4OTU3XzE4
type
bearer
2022-11-27 17:09:17 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-27 17:09:17 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
869.2372412078875
expected
96.0
value
co_S7cbCssznDYh0Q3_qIQsE_wPOmenK4mYRbJG9F68.y5PVm069A1uYYrQgoUHSDIfR7GfPxxxjKDbx2oj-gJqZoAyJcPjHuQzTRlqLH9zmu3bchp_WmBNiNik6FoQCIw.M18xNjY5NTY4OTU3XzE4
2022-11-27 17:09:17 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-27 17:09:17 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-27 17:09:17 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-27 17:09:17 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
awdxzQ_XkxXj9Oan1N3JsCPNQgYNtOl_MlUfwKjZDLI.B55IS2NJhhSYFLV1hyVIQ_SAHq5vA4qvT9jwrS0KzqBk-1YvHopvkgSJXHN0TiQ_Zf2NHB3XFmoSk8Q4njH4Dw.M18xNjY5NTY4OTU2XzE4
second_access_token
co_S7cbCssznDYh0Q3_qIQsE_wPOmenK4mYRbJG9F68.y5PVm069A1uYYrQgoUHSDIfR7GfPxxxjKDbx2oj-gJqZoAyJcPjHuQzTRlqLH9zmu3bchp_WmBNiNik6FoQCIw.M18xNjY5NTY4OTU3XzE4
2022-11-27 17:09:17 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJHM25mYXBQdk5kU1Q5VGttSkpKN093IiwiYXVkIjpbImQ4Njg1MDQwLTQ5ZjgtNGUzYS05MWM5LTlhYzU4OTY3MzkxYyJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE1NywiaWF0IjoxNjY5NTY4OTU3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJlNGI4YzVjMS1kMDJhLTQxNjgtYWYzYi00YzM1NDdlMjFhMzUiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTUzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiNmVMNEUxa25OQUNqM3JjTHpHa0JqZyIsInN1YiI6IjYxNjAwMTdONjcifQ.afL-6pITjdZ1tDQqsEWONTpdo4Oj1pGv8lfT4d27DeInWX3IbXRZnUz3pc87-45biF4TdGshUC99R3cGpVnx_7-SD8mgKY8LoiWFKea9FrNX8m64Jadwmg8T-1njnY1xB7O3Ar2Y5im5SBDvNVORhvMlnbM8hNiB0WpgdHvBKduE28M0T0i2CTwYsgwc19lCAnVdbHOI7pOfUOmT4y8T9jwBGQeJ_POv8mUZyl__zXYyuReHj5ss1cFwAG8iA_76IKnfcWu1zupu1gP10QsPNMl_HMCt9VsMoYLTLFN4VRAj5smhBQlmg-n7Ma_pEYkJJGCZgaklvmVCFFwrdM1O_Q
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "G3nfapPvNdST9TkmJJJ7Ow",
  "sub": "6160017N67",
  "rat": 1669568953,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "6eL4E1knNACj3rcLzGkBjg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "auth_time": 1669568408,
  "name": "ISV Dev",
  "exp": 1669576157,
  "iat": 1669568957,
  "jti": "e4b8c5c1-d02a-4168-af3b-4c3547e21a35"
}
2022-11-27 17:09:17 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
hVD2sj4L9TNMAP4gqRkWAqCnDXcVixfTPOs-CLfyXmQ.0xrioX2iEnMKhhOlbRt5Y7WARCvwBb-3NLpOt2qA6f-i28x1rCJq_eaJD0K2gC89UWkUgt3xl4qU69oblRWZWg.M18xNjY5NTY4OTU3XzE4
2022-11-27 17:09:17 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-27 17:09:17 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
857.5277352633406
expected
96.0
value
hVD2sj4L9TNMAP4gqRkWAqCnDXcVixfTPOs-CLfyXmQ.0xrioX2iEnMKhhOlbRt5Y7WARCvwBb-3NLpOt2qA6f-i28x1rCJq_eaJD0K2gC89UWkUgt3xl4qU69oblRWZWg.M18xNjY5NTY4OTU3XzE4
2022-11-27 17:09:17 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669568956,
  "second": 1669568957,
  "note": "Values are expected to be different"
}
aud
{
  "first": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "second": "d8685040-49f8-4e3a-91c9-9ac58967391c",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669568408,
  "second": 1669568408,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-27 17:09:17
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer co_S7cbCssznDYh0Q3_qIQsE_wPOmenK4mYRbJG9F68.y5PVm069A1uYYrQgoUHSDIfR7GfPxxxjKDbx2oj-gJqZoAyJcPjHuQzTRlqLH9zmu3bchp_WmBNiNik6FoQCIw.M18xNjY5NTY4OTU3XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:09:18 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK018b6cd1-8ebd-4061-9eb4-1493f8df9991",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638399be10d021b9",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 17:09:18 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bEj29vqHfL82n9CUgFWZF3vCRDzf6NxtYYJ5RoivjFQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3C18E40C7B05F675A70CA26A91152940~-1~YAAQXXYGF7O4xYSEAQAA2Y4QughMjKMptnwtIx1925Yy62CmQYJl5tR5W0RnPdO8co3CRFlWGQt8T+qZYpdikkPbqC+ATp2tukv8OOMFXLhdvY1Yigx9oaMc3yQ9U433/lTykobqQcxrrpCfSsuwpAbUUg4aUGFPCeNTUYqmmfk73pJlVw6B+RwXF7s9q/2+9kkKtKZjMov38NWqRM3SVaYXmjAGBzYaP8xy05Uk2Yhs4V4ys003YlnxVoDhyOS7LJa2gO5IgOhowxSD78avRgLSd+WJtE/OdcsdJwcYix/tnpekEDLxJu2aVR7iE0VQ5SbMhlUobF86FBQCu/W7sHXNS4avNgAOm9eDdtWna3i4nG0Qich7soadqLRLbBjf294HE1M\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:18 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d97C771189A9B401E6DDCDF262446AD50~YAAQXXYGF7S4xYSEAQAA2Y4QuhFxcQ+NEJ8yI6l5SVnBdbH8gpbQJfV3YEirDYRmkjkYsMuwscmYdqYWd5HjrPr5tYJsO06GOVloLUP//RLpNyi3BXTroi8fe+kKbWEED9/3Ea/hhZgvwQ7iqylHwKrniYRmKZRnv+NH+araLJD/yA+3T+xYHgQJU5F3Rw3wAGS6AF9juF9P5XXSr9DNz8UvLVML4A5ik4BFegu+7jbdZ+anuRPc6iGBdsN/J/ZDsZ02pBReW+I275c7NgzT6K9iSJwi7AiBZxRx90O/p0HdIcZfiCFl/6lTdB1p~3356737~4272182; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:17 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d106"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["d8685040-49f8-4e3a-91c9-9ac58967391c"],"auth_time":1669568408,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669568953,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 17:09:18 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK018b6cd1-8ebd-4061-9eb4-1493f8df9991",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638399be10d021b9",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 17:09:18 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bEj29vqHfL82n9CUgFWZF3vCRDzf6NxtYYJ5RoivjFQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3C18E40C7B05F675A70CA26A91152940~-1~YAAQXXYGF7O4xYSEAQAA2Y4QughMjKMptnwtIx1925Yy62CmQYJl5tR5W0RnPdO8co3CRFlWGQt8T+qZYpdikkPbqC+ATp2tukv8OOMFXLhdvY1Yigx9oaMc3yQ9U433/lTykobqQcxrrpCfSsuwpAbUUg4aUGFPCeNTUYqmmfk73pJlVw6B+RwXF7s9q/2+9kkKtKZjMov38NWqRM3SVaYXmjAGBzYaP8xy05Uk2Yhs4V4ys003YlnxVoDhyOS7LJa2gO5IgOhowxSD78avRgLSd+WJtE/OdcsdJwcYix/tnpekEDLxJu2aVR7iE0VQ5SbMhlUobF86FBQCu/W7sHXNS4avNgAOm9eDdtWna3i4nG0Qich7soadqLRLbBjf294HE1M\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:18 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d97C771189A9B401E6DDCDF262446AD50~YAAQXXYGF7S4xYSEAQAA2Y4QuhFxcQ+NEJ8yI6l5SVnBdbH8gpbQJfV3YEirDYRmkjkYsMuwscmYdqYWd5HjrPr5tYJsO06GOVloLUP//RLpNyi3BXTroi8fe+kKbWEED9/3Ea/hhZgvwQ7iqylHwKrniYRmKZRnv+NH+araLJD/yA+3T+xYHgQJU5F3Rw3wAGS6AF9juF9P5XXSr9DNz8UvLVML4A5ik4BFegu+7jbdZ+anuRPc6iGBdsN/J/ZDsZ02pBReW+I275c7NgzT6K9iSJwi7AiBZxRx90O/p0HdIcZfiCFl/6lTdB1p~3356737~4272182; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:17 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d99",
    "origin; dur\u003d106"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["d8685040-49f8-4e3a-91c9-9ac58967391c"],"auth_time":1669568408,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669568953,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 17:09:18 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-11-27 17:09:18 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
7180ed1f-b547-407e-9b5f-b28ca220df14
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-27 17:09:18
CreateRandomStateValue
Created state value
requested_state_length
10
state
lZtVzp6dAE
2022-11-27 17:09:18 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
7180ed1f-b547-407e-9b5f-b28ca220df14
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
lZtVzp6dAE
2022-11-27 17:09:18
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
FpXjtlwG8I
2022-11-27 17:09:18 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
7180ed1f-b547-407e-9b5f-b28ca220df14
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
lZtVzp6dAE
nonce
FpXjtlwG8I
2022-11-27 17:09:18 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
7180ed1f-b547-407e-9b5f-b28ca220df14
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
lZtVzp6dAE
nonce
FpXjtlwG8I
response_type
code id_token
2022-11-27 17:09:18 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-27 17:09:18 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "lZtVzp6dAE",
  "nonce": "FpXjtlwG8I",
  "response_type": "code id_token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=7180ed1f-b547-407e-9b5f-b28ca220df14&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=lZtVzp6dAE&nonce=FpXjtlwG8I&response_type=code%20id_token
2022-11-27 17:09:18 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=7180ed1f-b547-407e-9b5f-b28ca220df14&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=lZtVzp6dAE&nonce=FpXjtlwG8I&response_type=code%20id_token
2022-11-27 17:09:25 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 17:09:25 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/PU7OvHMWUkIszVOXOSy1",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/PU7OvHMWUkIszVOXOSy1"
}
2022-11-27 17:09:25 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance BKM0UhVjklHUbnx
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/PU7OvHMWUkIszVOXOSy1, returnUrl=/log-detail.html?log=BKM0UhVjklHUbnx}]
outgoing_path
callback
2022-11-27 17:09:25 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/PU7OvHMWUkIszVOXOSy1
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close",
  "content-length": "1278"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/PU7OvHMWUkIszVOXOSy1
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#code=5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&state=lZtVzp6dAE
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 17:09:25 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance BKM0UhVjklHUbnx
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/PU7OvHMWUkIszVOXOSy1
2022-11-27 17:09:25
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "state",
    "value": "lZtVzp6dAE"
  }
]
2022-11-27 17:09:25 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
state
lZtVzp6dAE
2022-11-27 17:09:25 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "lZtVzp6dAE"
}
post_body
Second client: Verify authorization endpoint response
2022-11-27 17:09:25 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-27 17:09:25 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-27 17:09:25 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-27 17:09:25 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-27 17:09:25 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-27 17:09:25 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
lZtVzp6dAE
2022-11-27 17:09:25 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A
2022-11-27 17:09:25 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "sub": "6160017N67",
  "rat": 1669568962,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "FpXjtlwG8I",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "c_hash": "hU4ZF510wrUbmGLKLzl85Q",
  "s_hash": "3_IeFZCAAOtavzAXsFXxvw",
  "auth_time": 1669568408,
  "name": "ISV Dev",
  "exp": 1669576164,
  "iat": 1669568964,
  "jti": "6d239fe0-a21d-494e-90a8-99cfa7e3d82e"
}
2022-11-27 17:09:25 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 17:09:25
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 17:09:25
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 17:09:25
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 17:09:25
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 17:09:25
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 17:09:25 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 17:09:25 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
FpXjtlwG8I
2022-11-27 17:09:25 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 17:09:25 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw
2022-11-27 17:09:25 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MTgwZWQxZi1iNTQ3LTQwN2UtOWI1Zi1iMjhjYTIyMGRmMTQiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJjX2hhc2giOiJoVTRaRjUxMHdyVWJtR0xLTHpsODVRIiwiZXhwIjoxNjY5NTc2MTY0LCJpYXQiOjE2Njk1Njg5NjQsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjZkMjM5ZmUwLWEyMWQtNDk0ZS05MGE4LTk5Y2ZhN2UzZDgyZSIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJGcFhqdGx3RzhJIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk1Njg5NjIsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.mmaToAGAjHyOMYd6ZnZgcI7WJ14-5x3NfIWP-olDFO_OnJAlGN22yh7DPxsJbDVbpYkR4g90QEi8uqEt39AYvaxx4NiL6JNgy2nxHJp3hXbyp4D7KtA0YRYbYhxkgjmDDxTXLotthIFKKH0RFwzse8tsw2-tONRHBXIwqixYraUVZDdVQYZGUM1uWPTbBFi3BPG0dsoVhB69PoJW9u9c2w3Eovlv_cUKxqi1e3vYUordjxeqZTTPf4yywTJu_ZkGyQrXZEy0sl6x9J3kTIqNbicUsBqFs7giXj44k3mAT9_kPd5y_mI7tNkyE9ua0AEdrOf2Gd8xJDeMMSulonxTXw
2022-11-27 17:09:25 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 17:09:25
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 17:09:25 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 17:09:25 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 17:09:25 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic NzE4MGVkMWYtYjU0Ny00MDdlLTliNWYtYjI4Y2EyMjBkZjE0OmljNTBYRUV6OWM=
2022-11-27 17:09:25
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic NzE4MGVkMWYtYjU0Ny00MDdlLTliNWYtYjI4Y2EyMjBkZjE0OmljNTBYRUV6OWM\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=5AUiB45vXitvwhViilNYmfK_Luf8PSeAV9kZF7TyxxQ.eyNtmWmqHxE9AU3iOWbcaoF5fRz3-qEah8NEXTc_4B0psFIzol2Leh8wTSSjDhQzHCgpmf0ytiXXlcu4luOk5A&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-27 17:09:26 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKfb19a2af-4a3e-44a0-9a9e-9fef8726e045",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399c5351145c1",
  "content-length": "1498",
  "date": "Sun, 27 Nov 2022 17:09:26 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:+QeR339hPCJYaMTo8KARrBu5FLccKGZLUv6Kzljsj2w\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9A72BFF1C2450C30E4B83E507FA93F3C~-1~YAAQ7fnerevLh3yEAQAA4a0QughvdgEQIMrAxaLOmx9mvKaUgRhLuEDw/Z8tDS8Sp42fa7ZJKomaiAoOc0Ys3AYxtbmILA8VOZGa4hPYdYmI9dmAORIDbhJ3OlP//Ev0lGsSRnaKGYG6GtRDRtWhA5Ij5ly2xkcMeraUA7F9R1Wipb4cIfguDEb8fGUejhrGRDpXsQzLVsgLFgpjhHso/lUaicYRqrqdR8bUe7b110z/QNBxjysw8XnswlUEFODu3pA9p6BelDaaZ8iLfrzzyNzCFwtgf2HtaO+2gOWbAj0hegvqNnDkTEafEzKso44Tydiqu+PbVO0l+CogtSjN06pY5lCQq/qM9dixNnbckdcrWP7kA3p18dQIZCs/iIpbDmwTuNo\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:26 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dFECDE28F909C08E22EA865960B523632~YAAQ7fnerezLh3yEAQAA4a0QuhGJwI1/Cozwp3Jn5xtpZDlpKOebkHcVVTCTINkoKVlg4hPbQMZKwDI4L9CEc7bXFWxndlfd7zxJRjpPUbSaKu9G29Rg3xzj62bSB9gslQafmgb+RllMLOUyFKsGdjHfgAaE3jeazIcSi7le8BdTKdQkTvc0m7NVqacmmsiij4UhoLoh2niQqxZke960DUl+Xi45p2uIoJQfNv4ytm1CbNAdyoZKlQwNs9avZCk2DLzWyUpsd+XBrG61WReZBcI0MVK3B6Fbt8BuIo50LxFaxSxR0e7MGWH8c/mK~4473668~3684153; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:25 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d101",
    "origin; dur\u003d191"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"63jC1-_cRKN7yRlN3yXYfo_YQxoVSryAODZLTSrVk7I.0MbgX79U0dc2OCq_oTQCWuFGKUhESbDWxVd0ePEsArBU6t-wrRBfNHdtY0dxkQOAGL7siSyBEzZcXBvO-Rgr3g.M18xNjY5NTY4OTY1XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI1c254b0lWcEFJUGszZG5wdFRKVlpnIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NiwiaWF0IjoxNjY5NTY4OTY2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxN2Y0MGU4Yy1mN2I1LTRmNTktOGQ4Ny1lNWZlZGRiMTA4ZWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiRnBYanRsd0c4SSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiX1F5dnpWME9tQlJrbVpFSjdUczhhZyIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.jgn5Dpi__uFhP_7G61RRSOT_9nclpho8MgI_3da_erA3JAR3glRE4pu996SFRtQS8A_iOJUhcHbWIAddopCYY3CPsb5UPY4kfMRRk5Za65HyP8YSy4cQV4RtF76EJi_iSkyErqYqKguWh7zWnEMeRLxZFC4Qr3VcwOqCdL-qyAhIv6sJU_stT1_65gO1M-ueNkMboFw-P5MsCgKy2frk4sf8aYt-l9uUs65r4QeTP69C9ALaTcpfY9muQl1CijLmkY7hRtLNIYvEGWc840HhO7jq9JrpV2Tk09c2Xc56FkZT4-71TdkgVTQLS7eDAyH2UrljrA84x4Pu2xBzlsrzRg","refresh_token":"ENPyFzBkREkPeQyJL-ioN8RD8jmsZ-bV6AA6m_VUQvY.zymuFuYehSk5vZaKJOr89erTnIAGSkZKKULOqST_0zu4TJeOKhIjbPJPJ0RJjQPed52GS30KjpfF4biz7Dr9MA.M18xNjY5NTY4OTY1XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 17:09:26 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
63jC1-_cRKN7yRlN3yXYfo_YQxoVSryAODZLTSrVk7I.0MbgX79U0dc2OCq_oTQCWuFGKUhESbDWxVd0ePEsArBU6t-wrRBfNHdtY0dxkQOAGL7siSyBEzZcXBvO-Rgr3g.M18xNjY5NTY4OTY1XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI1c254b0lWcEFJUGszZG5wdFRKVlpnIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NiwiaWF0IjoxNjY5NTY4OTY2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxN2Y0MGU4Yy1mN2I1LTRmNTktOGQ4Ny1lNWZlZGRiMTA4ZWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiRnBYanRsd0c4SSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiX1F5dnpWME9tQlJrbVpFSjdUczhhZyIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.jgn5Dpi__uFhP_7G61RRSOT_9nclpho8MgI_3da_erA3JAR3glRE4pu996SFRtQS8A_iOJUhcHbWIAddopCYY3CPsb5UPY4kfMRRk5Za65HyP8YSy4cQV4RtF76EJi_iSkyErqYqKguWh7zWnEMeRLxZFC4Qr3VcwOqCdL-qyAhIv6sJU_stT1_65gO1M-ueNkMboFw-P5MsCgKy2frk4sf8aYt-l9uUs65r4QeTP69C9ALaTcpfY9muQl1CijLmkY7hRtLNIYvEGWc840HhO7jq9JrpV2Tk09c2Xc56FkZT4-71TdkgVTQLS7eDAyH2UrljrA84x4Pu2xBzlsrzRg
refresh_token
ENPyFzBkREkPeQyJL-ioN8RD8jmsZ-bV6AA6m_VUQvY.zymuFuYehSk5vZaKJOr89erTnIAGSkZKKULOqST_0zu4TJeOKhIjbPJPJ0RJjQPed52GS30KjpfF4biz7Dr9MA.M18xNjY5NTY4OTY1XzE4
scope
openid
token_type
bearer
2022-11-27 17:09:26 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 17:09:26 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
63jC1-_cRKN7yRlN3yXYfo_YQxoVSryAODZLTSrVk7I.0MbgX79U0dc2OCq_oTQCWuFGKUhESbDWxVd0ePEsArBU6t-wrRBfNHdtY0dxkQOAGL7siSyBEzZcXBvO-Rgr3g.M18xNjY5NTY4OTY1XzE4
2022-11-27 17:09:26 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
63jC1-_cRKN7yRlN3yXYfo_YQxoVSryAODZLTSrVk7I.0MbgX79U0dc2OCq_oTQCWuFGKUhESbDWxVd0ePEsArBU6t-wrRBfNHdtY0dxkQOAGL7siSyBEzZcXBvO-Rgr3g.M18xNjY5NTY4OTY1XzE4
type
bearer
2022-11-27 17:09:26 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-27 17:09:26 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-27 17:09:26 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
ENPyFzBkREkPeQyJL-ioN8RD8jmsZ-bV6AA6m_VUQvY.zymuFuYehSk5vZaKJOr89erTnIAGSkZKKULOqST_0zu4TJeOKhIjbPJPJ0RJjQPed52GS30KjpfF4biz7Dr9MA.M18xNjY5NTY4OTY1XzE4
2022-11-27 17:09:26 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI1c254b0lWcEFJUGszZG5wdFRKVlpnIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NiwiaWF0IjoxNjY5NTY4OTY2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxN2Y0MGU4Yy1mN2I1LTRmNTktOGQ4Ny1lNWZlZGRiMTA4ZWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiRnBYanRsd0c4SSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiX1F5dnpWME9tQlJrbVpFSjdUczhhZyIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.jgn5Dpi__uFhP_7G61RRSOT_9nclpho8MgI_3da_erA3JAR3glRE4pu996SFRtQS8A_iOJUhcHbWIAddopCYY3CPsb5UPY4kfMRRk5Za65HyP8YSy4cQV4RtF76EJi_iSkyErqYqKguWh7zWnEMeRLxZFC4Qr3VcwOqCdL-qyAhIv6sJU_stT1_65gO1M-ueNkMboFw-P5MsCgKy2frk4sf8aYt-l9uUs65r4QeTP69C9ALaTcpfY9muQl1CijLmkY7hRtLNIYvEGWc840HhO7jq9JrpV2Tk09c2Xc56FkZT4-71TdkgVTQLS7eDAyH2UrljrA84x4Pu2xBzlsrzRg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "5snxoIVpAIPk3dnptTJVZg",
  "sub": "6160017N67",
  "rat": 1669568962,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "FpXjtlwG8I",
  "rt_hash": "_QyvzV0OmBRkmZEJ7Ts8ag",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "s_hash": "3_IeFZCAAOtavzAXsFXxvw",
  "auth_time": 1669568408,
  "name": "ISV Dev",
  "exp": 1669576166,
  "iat": 1669568966,
  "jti": "17f40e8c-f7b5-4f59-8d87-e5feddb108ea"
}
2022-11-27 17:09:26 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 17:09:26
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 17:09:26
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 17:09:26
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 17:09:26
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 17:09:26
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-27 17:09:26
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 17:09:26 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 17:09:26 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
FpXjtlwG8I
2022-11-27 17:09:26 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 17:09:26 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI1c254b0lWcEFJUGszZG5wdFRKVlpnIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NiwiaWF0IjoxNjY5NTY4OTY2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxN2Y0MGU4Yy1mN2I1LTRmNTktOGQ4Ny1lNWZlZGRiMTA4ZWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiRnBYanRsd0c4SSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiX1F5dnpWME9tQlJrbVpFSjdUczhhZyIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.jgn5Dpi__uFhP_7G61RRSOT_9nclpho8MgI_3da_erA3JAR3glRE4pu996SFRtQS8A_iOJUhcHbWIAddopCYY3CPsb5UPY4kfMRRk5Za65HyP8YSy4cQV4RtF76EJi_iSkyErqYqKguWh7zWnEMeRLxZFC4Qr3VcwOqCdL-qyAhIv6sJU_stT1_65gO1M-ueNkMboFw-P5MsCgKy2frk4sf8aYt-l9uUs65r4QeTP69C9ALaTcpfY9muQl1CijLmkY7hRtLNIYvEGWc840HhO7jq9JrpV2Tk09c2Xc56FkZT4-71TdkgVTQLS7eDAyH2UrljrA84x4Pu2xBzlsrzRg
2022-11-27 17:09:26 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI1c254b0lWcEFJUGszZG5wdFRKVlpnIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NiwiaWF0IjoxNjY5NTY4OTY2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxN2Y0MGU4Yy1mN2I1LTRmNTktOGQ4Ny1lNWZlZGRiMTA4ZWEiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiRnBYanRsd0c4SSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiX1F5dnpWME9tQlJrbVpFSjdUczhhZyIsInNfaGFzaCI6IjNfSWVGWkNBQU90YXZ6QVhzRlh4dnciLCJzdWIiOiI2MTYwMDE3TjY3In0.jgn5Dpi__uFhP_7G61RRSOT_9nclpho8MgI_3da_erA3JAR3glRE4pu996SFRtQS8A_iOJUhcHbWIAddopCYY3CPsb5UPY4kfMRRk5Za65HyP8YSy4cQV4RtF76EJi_iSkyErqYqKguWh7zWnEMeRLxZFC4Qr3VcwOqCdL-qyAhIv6sJU_stT1_65gO1M-ueNkMboFw-P5MsCgKy2frk4sf8aYt-l9uUs65r4QeTP69C9ALaTcpfY9muQl1CijLmkY7hRtLNIYvEGWc840HhO7jq9JrpV2Tk09c2Xc56FkZT4-71TdkgVTQLS7eDAyH2UrljrA84x4Pu2xBzlsrzRg
2022-11-27 17:09:26 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 17:09:26
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 17:09:26 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 17:09:26 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-27 17:09:26 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
ENPyFzBkREkPeQyJL-ioN8RD8jmsZ-bV6AA6m_VUQvY.zymuFuYehSk5vZaKJOr89erTnIAGSkZKKULOqST_0zu4TJeOKhIjbPJPJ0RJjQPed52GS30KjpfF4biz7Dr9MA.M18xNjY5NTY4OTY1XzE4
2022-11-27 17:09:26 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-27 17:09:26 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-11-27 17:09:26 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
ENPyFzBkREkPeQyJL-ioN8RD8jmsZ-bV6AA6m_VUQvY.zymuFuYehSk5vZaKJOr89erTnIAGSkZKKULOqST_0zu4TJeOKhIjbPJPJ0RJjQPed52GS30KjpfF4biz7Dr9MA.M18xNjY5NTY4OTY1XzE4
2022-11-27 17:09:26 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic NzE4MGVkMWYtYjU0Ny00MDdlLTliNWYtYjI4Y2EyMjBkZjE0OmljNTBYRUV6OWM=
2022-11-27 17:09:26 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-27 17:09:27 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-27 17:09:27
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic NzE4MGVkMWYtYjU0Ny00MDdlLTliNWYtYjI4Y2EyMjBkZjE0OmljNTBYRUV6OWM\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "190"
}
request_body
grant_type=refresh_token&refresh_token=ENPyFzBkREkPeQyJL-ioN8RD8jmsZ-bV6AA6m_VUQvY.zymuFuYehSk5vZaKJOr89erTnIAGSkZKKULOqST_0zu4TJeOKhIjbPJPJ0RJjQPed52GS30KjpfF4biz7Dr9MA.M18xNjY5NTY4OTY1XzE4
2022-11-27 17:09:27 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa4b7914b-9495-47df-9b6d-9ad6d2428168",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399c720436025",
  "content-length": "1425",
  "date": "Sun, 27 Nov 2022 17:09:27 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:cRK3ZtxSYjYK+/dLaW9s6BrBzmZ3+rC/fU5sy0V/fkY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4CCF8471940CFCD96085413702E145D6~-1~YAAQ7fnerfLLh3yEAQAALrMQugg2G5omHW8RzCm8yJEMDQjFXzhsxAZQIzPboMsgbeTVVvX2jCcO8XyR/KRJ6LFnTVqcYUrSiQjrEou6Eggog1QHh7r2TinrSIJG1dHMmKVrHFvAot5FBA8dSbjmcEkm0YXDl29TK7hXOxJ7jsI49VJIU8GY5Kl0lMUhfqzs6aje7vfPZmgc4BtVTaUy2rFA5t8vX0AW2NIOIl2maa4IPAL40RK7CH2GDT0UqP7uxgD+KeOwrR5qmf1bSK5bAnjloYWLeBH1jdbLPM8RoGG1IaUrel1rOzwkUUK1vRxMHkYqtMfjL0bV6D0vBpYF47qhzxjO43lYkoQFOdkvEx8euYlfdIbz1XgaB3VsO0Z8vAOxVlw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:27 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dD87C36EB947345876BC11D91F7AC5C41~YAAQ7fnerfPLh3yEAQAALrMQuhGrk/jT9VBLmjFurjQZAQz2rVkTXXRLPADzjgk46LGIUEWW4qvlxr/ZA0ofn0evc64s4fvTp7TAVcbcHM+P3nP1yPMxKvTmi0zKH/xWG2lMJpzz+O/Fxf63LH7zP3v08hAs2/s5OEGwJwLvxfLVRLH8SHyc3KZG6Egi1RqxmR6N+cl8qTcaxs/adA81RipNHqoQguzZrXGcIYJmZkMoYn9p1JDmFjPwgNwOATMHiLhsBgALCzhsuNU3GzWPZzQAKeQGNLgBRE3uEsBJC/RtftUl/r0qY5kk2422~3617094~3688003; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:27 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d95",
    "origin; dur\u003d166"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"j0wuiss07EzrTC7jsVmk8eQiugkFZG2Ce3wHt_avOeg.R5RkuFad8xSJK5hQKl__GFQ5XGe98oAfvbZ5b97XfAsNpzg1PYEN8tySotgLiRc4BDqu6prGJAcFX-a_dF0xUw.M18xNjY5NTY4OTY3XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ4R2RJeDdrZVlhQmhTX1JNY3o2RUZBIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NywiaWF0IjoxNjY5NTY4OTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJhYmFlMDBkNi05ZTNhLTRkNjAtYTI0NS02NTNhYmRlYzNlNDAiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiOGZjNDM2TmRRRlpQUFVabmY3eEN0dyIsInN1YiI6IjYxNjAwMTdONjcifQ.V4auxCvkL6xeBDBrKKs6I3S3bjSYm95cIRroT1R48cScvPs0oSMFvSnUnTcXrFL4sTPB_ik9r9XEl4NS0RVvVm_JP9Kqq516EaElAS0Pn5PLXbEIAE4rb9QAI0i1QNrF0LrloHwPbtYfbdSZlYdBwdvkMd7x8svk1jqRGqrr6dQ8rtmwkNd86aH87BgqAk5YEsetddhn7AJD8x2PcKnheuh0up6F4m9FN1rPufoFNkzhzDbXGSo3KgH0yPk0UC84SVo6SyT33tt1dyg_Y7FzUnwRVGSdcVnFePWsM9j_wq-TmDt32QMXaaa71mOq7znlWIiranlsrvDeHDUFtw808Q","refresh_token":"Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 17:09:27 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
j0wuiss07EzrTC7jsVmk8eQiugkFZG2Ce3wHt_avOeg.R5RkuFad8xSJK5hQKl__GFQ5XGe98oAfvbZ5b97XfAsNpzg1PYEN8tySotgLiRc4BDqu6prGJAcFX-a_dF0xUw.M18xNjY5NTY4OTY3XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ4R2RJeDdrZVlhQmhTX1JNY3o2RUZBIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NywiaWF0IjoxNjY5NTY4OTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJhYmFlMDBkNi05ZTNhLTRkNjAtYTI0NS02NTNhYmRlYzNlNDAiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiOGZjNDM2TmRRRlpQUFVabmY3eEN0dyIsInN1YiI6IjYxNjAwMTdONjcifQ.V4auxCvkL6xeBDBrKKs6I3S3bjSYm95cIRroT1R48cScvPs0oSMFvSnUnTcXrFL4sTPB_ik9r9XEl4NS0RVvVm_JP9Kqq516EaElAS0Pn5PLXbEIAE4rb9QAI0i1QNrF0LrloHwPbtYfbdSZlYdBwdvkMd7x8svk1jqRGqrr6dQ8rtmwkNd86aH87BgqAk5YEsetddhn7AJD8x2PcKnheuh0up6F4m9FN1rPufoFNkzhzDbXGSo3KgH0yPk0UC84SVo6SyT33tt1dyg_Y7FzUnwRVGSdcVnFePWsM9j_wq-TmDt32QMXaaa71mOq7znlWIiranlsrvDeHDUFtw808Q
refresh_token
Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4
scope
openid
token_type
bearer
2022-11-27 17:09:27 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-27 17:09:27 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-27 17:09:27 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-27 17:09:27 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 17:09:27 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
j0wuiss07EzrTC7jsVmk8eQiugkFZG2Ce3wHt_avOeg.R5RkuFad8xSJK5hQKl__GFQ5XGe98oAfvbZ5b97XfAsNpzg1PYEN8tySotgLiRc4BDqu6prGJAcFX-a_dF0xUw.M18xNjY5NTY4OTY3XzE4
type
bearer
2022-11-27 17:09:27 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-27 17:09:27 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
874.0919941801611
expected
96.0
value
j0wuiss07EzrTC7jsVmk8eQiugkFZG2Ce3wHt_avOeg.R5RkuFad8xSJK5hQKl__GFQ5XGe98oAfvbZ5b97XfAsNpzg1PYEN8tySotgLiRc4BDqu6prGJAcFX-a_dF0xUw.M18xNjY5NTY4OTY3XzE4
2022-11-27 17:09:27 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-27 17:09:27 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-27 17:09:27 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-27 17:09:27 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
63jC1-_cRKN7yRlN3yXYfo_YQxoVSryAODZLTSrVk7I.0MbgX79U0dc2OCq_oTQCWuFGKUhESbDWxVd0ePEsArBU6t-wrRBfNHdtY0dxkQOAGL7siSyBEzZcXBvO-Rgr3g.M18xNjY5NTY4OTY1XzE4
second_access_token
j0wuiss07EzrTC7jsVmk8eQiugkFZG2Ce3wHt_avOeg.R5RkuFad8xSJK5hQKl__GFQ5XGe98oAfvbZ5b97XfAsNpzg1PYEN8tySotgLiRc4BDqu6prGJAcFX-a_dF0xUw.M18xNjY5NTY4OTY3XzE4
2022-11-27 17:09:27 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ4R2RJeDdrZVlhQmhTX1JNY3o2RUZBIiwiYXVkIjpbIjcxODBlZDFmLWI1NDctNDA3ZS05YjVmLWIyOGNhMjIwZGYxNCJdLCJhdXRoX3RpbWUiOjE2Njk1Njg0MDgsImV4cCI6MTY2OTU3NjE2NywiaWF0IjoxNjY5NTY4OTY3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJhYmFlMDBkNi05ZTNhLTRkNjAtYTI0NS02NTNhYmRlYzNlNDAiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTY4OTYyLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiOGZjNDM2TmRRRlpQUFVabmY3eEN0dyIsInN1YiI6IjYxNjAwMTdONjcifQ.V4auxCvkL6xeBDBrKKs6I3S3bjSYm95cIRroT1R48cScvPs0oSMFvSnUnTcXrFL4sTPB_ik9r9XEl4NS0RVvVm_JP9Kqq516EaElAS0Pn5PLXbEIAE4rb9QAI0i1QNrF0LrloHwPbtYfbdSZlYdBwdvkMd7x8svk1jqRGqrr6dQ8rtmwkNd86aH87BgqAk5YEsetddhn7AJD8x2PcKnheuh0up6F4m9FN1rPufoFNkzhzDbXGSo3KgH0yPk0UC84SVo6SyT33tt1dyg_Y7FzUnwRVGSdcVnFePWsM9j_wq-TmDt32QMXaaa71mOq7znlWIiranlsrvDeHDUFtw808Q
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "xGdIx7keYaBhS_RMcz6EFA",
  "sub": "6160017N67",
  "rat": 1669568962,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "8fc436NdQFZPPUZnf7xCtw",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "auth_time": 1669568408,
  "name": "ISV Dev",
  "exp": 1669576167,
  "iat": 1669568967,
  "jti": "abae00d6-9e3a-4d60-a245-653abdec3e40"
}
2022-11-27 17:09:27 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4
2022-11-27 17:09:27 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-27 17:09:27 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
865.2372412078875
expected
96.0
value
Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4
2022-11-27 17:09:27 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669568966,
  "second": 1669568967,
  "note": "Values are expected to be different"
}
aud
{
  "first": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "second": "7180ed1f-b547-407e-9b5f-b28ca220df14",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669568408,
  "second": 1669568408,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2022-11-27 17:09:27
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer j0wuiss07EzrTC7jsVmk8eQiugkFZG2Ce3wHt_avOeg.R5RkuFad8xSJK5hQKl__GFQ5XGe98oAfvbZ5b97XfAsNpzg1PYEN8tySotgLiRc4BDqu6prGJAcFX-a_dF0xUw.M18xNjY5NTY4OTY3XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:09:27 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKac3e3164-ea99-4fd5-990e-9e522d323901",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638399c707abdd23",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 17:09:27 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:UHtjafG9t7gCje66BmDdG72Ywd8Jf6OIG4oFI3OAPdo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD343449FE012239E7A2252D5AC7F3885~-1~YAAQ7fnerfTLh3yEAQAAYLQQugjq6pRJCqQ3uDCagf+nMjEY8Jp0zBpWVao1y61KEWubiid5/nxSg9bp5MYuhPj4VtuIDrD6r4X/0niBtbjVnzjv0FOPMMdtl1bqL9pVc7iHBywEmJox+OCPcQmJ3j2YQaO6UNiKW9BT4CiJA0SkKrq6prZAL07+LnQfVSWdLqsoca8tGq2SFC6kp2btqbqvrNMvxt5mLRmiABJ2Ycen2uPgvBjsL1ETNuurxabLcMApUmk7yaBMids2zoyPVLBVXe+uzLpxbLhbAs4Rh6HBxoSSO2oQouQzddbjLC5du3b4KtQgfkIXLEpk6dNREQ+HyeD8vLSABJy8iRZxDf/qIfKr1TOLMFamBb/oD+2NvAC85nQ\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:27 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d98F3846D3C8929C17B394633A27ACC23~YAAQ7fnerfXLh3yEAQAAYLQQuhHDaVGssFovjg0l/iBkrfY7du17zKw+Wj1ctGz1EktaFjmQJIfYDtaYcUfwnlX9M+Fl02XUFVCbPWwM82oJnKmMZ4NKwTksQv5XvFdrDISAbKAvYKI2snQ66cnkcRO56Z42NnG3IKZCbrJnWIQNpmRXQALCikihlGM/ByKzjhraHXn4Eqv8sZVAsyzqv9CC0R+uQq7DsiCOw/i66oasUwJOdpMFGAU+z93+I8peWprH0qndQNQ9Z7/e/Vj1K+4xeWhHEgCJA9He583xPnuFUSbT3/Al0OaEesPg~3617094~3688003; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:27 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d102",
    "origin; dur\u003d106"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["7180ed1f-b547-407e-9b5f-b28ca220df14"],"auth_time":1669568408,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669568962,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 17:09:27 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKac3e3164-ea99-4fd5-990e-9e522d323901",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638399c707abdd23",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 17:09:27 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:UHtjafG9t7gCje66BmDdG72Ywd8Jf6OIG4oFI3OAPdo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD343449FE012239E7A2252D5AC7F3885~-1~YAAQ7fnerfTLh3yEAQAAYLQQugjq6pRJCqQ3uDCagf+nMjEY8Jp0zBpWVao1y61KEWubiid5/nxSg9bp5MYuhPj4VtuIDrD6r4X/0niBtbjVnzjv0FOPMMdtl1bqL9pVc7iHBywEmJox+OCPcQmJ3j2YQaO6UNiKW9BT4CiJA0SkKrq6prZAL07+LnQfVSWdLqsoca8tGq2SFC6kp2btqbqvrNMvxt5mLRmiABJ2Ycen2uPgvBjsL1ETNuurxabLcMApUmk7yaBMids2zoyPVLBVXe+uzLpxbLhbAs4Rh6HBxoSSO2oQouQzddbjLC5du3b4KtQgfkIXLEpk6dNREQ+HyeD8vLSABJy8iRZxDf/qIfKr1TOLMFamBb/oD+2NvAC85nQ\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:27 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d98F3846D3C8929C17B394633A27ACC23~YAAQ7fnerfXLh3yEAQAAYLQQuhHDaVGssFovjg0l/iBkrfY7du17zKw+Wj1ctGz1EktaFjmQJIfYDtaYcUfwnlX9M+Fl02XUFVCbPWwM82oJnKmMZ4NKwTksQv5XvFdrDISAbKAvYKI2snQ66cnkcRO56Z42NnG3IKZCbrJnWIQNpmRXQALCikihlGM/ByKzjhraHXn4Eqv8sZVAsyzqv9CC0R+uQq7DsiCOw/i66oasUwJOdpMFGAU+z93+I8peWprH0qndQNQ9Z7/e/Vj1K+4xeWhHEgCJA9He583xPnuFUSbT3/Al0OaEesPg~3617094~3688003; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:27 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d102",
    "origin; dur\u003d106"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["7180ed1f-b547-407e-9b5f-b28ca220df14"],"auth_time":1669568408,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669568962,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 17:09:27 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-11-27 17:09:27 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4
2022-11-27 17:09:27 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4
scope
openid
2022-11-27 17:09:27 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic ZDg2ODUwNDAtNDlmOC00ZTNhLTkxYzktOWFjNTg5NjczOTFjOk80b2EzT1NrUmM=
2022-11-27 17:09:27
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic ZDg2ODUwNDAtNDlmOC00ZTNhLTkxYzktOWFjNTg5NjczOTFjOk80b2EzT1NrUmM\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "203"
}
request_body
grant_type=refresh_token&refresh_token=Zn6dhG5SsJCyQViI2PErtHrbkwDyzNM38dkN0Uuu09k.DAETiiM_8mLXpq_76AsrDT9-n0_Ayq9KP6MWJo4btYCOS6TyqhBnoKOkaVDXuXV1cxcI1rmLycCHn6sbD87v_Q.M18xNjY5NTY4OTY3XzE4&scope=openid
2022-11-27 17:09:28 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "x-backside-transport": "FAIL FAIL",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKaba232c0-6485-4cdf-8250-f92a6656f0bb",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399c720434a95",
  "content-length": "157",
  "date": "Sun, 27 Nov 2022 17:09:28 GMT",
  "connection": "close",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:VafgqxItl7KHx0Em2ZJ4D9Cpu3hFGNmZytS0uS1pq/8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB9B16E6AA51F93207491326793B28476~-1~YAAQ7fnerf7Lh3yEAQAAmbUQughJZpnoFZAqn84JVaBCwDxDOU36MJb7owoLEDme0YEkMbVLIisKb0G7VzTnMXVlOrned+c/L7PpjVKHynN/K9mWA6V71tgfbvDItQHeBOccP4jCbk8nPlaFDRpf2G7e3/AF2M2tGkD+6gJTpKGP45M0kyvJc8dELO3Fu2nTXnqhw8RHFknx+fKp4qaeBgCAlj8DYQjVsMiiVCTY4S82mGShBwGbf4A2rpmb25pflgdAX11Dg0qU9aOBu1Uu9wgPcmNOFDQWFUg1anRJNyJgIpqJ+p+APx91KUyPsV8EmhjyT5GhHUjTFcgdehnJx1xTv+WHqQYf8lWl2PFCIzfpevFXc4kjRACQvd8blOJdMPbFpw4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:28 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dC04E49361ED744B8EE4FE4127CF934E3~YAAQ7fnerf/Lh3yEAQAAmbUQuhGGBaxMaliYJzidUeJLXtrK6YL8hMp1Cq7dUBHIafOOi+SK8RTkSHWmS4sl5Q4ML56jEsQzSveJK92Uq9Urq/+id5Fx+saDsK7kA2k2b3KhXiaeck049aGOXPhS0dMACiOG/48Z6pkUSKz0+tNoOb5szE+QQGv/3HHdf6aqsH4txApXdCTXhOjkok73xcbsyPTAKaqEnBWoZM1sIXNzRsYURjPmdb/q3fE2xstorL+ba8mE/Fo4ZtKl2won/dhx4ulWd05AAOJge8XjqKS4actrEci0UUPc7FVI~3617094~3688003; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:27 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d107",
    "origin; dur\u003d114"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."}
2022-11-27 17:09:28 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance.
2022-11-27 17:09:28 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-11-27 17:09:28 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-11-27 17:09:28 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-27 17:09:28 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-11-27 17:09:28 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-27 17:09:28
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/d8685040-49f8-4e3a-91c9-9ac58967391c
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer YcWZdbYzAjUFb0ZeaXSd05oKXYu2ffLHeKvUEVaErKo.S4oiB_043c5-1ajqZpMjprj4PrR8Igoe6iX3vcYbTmtk3Udvleqie-vq0h-yyG6tIJFtdkA8A51rOVucJpMcUA.M18xNjY5NTY4OTQ3XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:09:29 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK52a2da6b-a3f0-4286-9e10-b934536dcd2a",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399c820434d45",
  "date": "Sun, 27 Nov 2022 17:09:29 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:pkLlhV80LvzUqR1C7GedNysIVqYmLNpT/YF83XTBn5U\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dFF2079A1F27A6248CCDBCE775DE104CD~-1~YAAQ7fnerQzMh3yEAQAAL7wQugilbm+wQr4cW/HHMPK7O3jV2Qkjy+g+UnHDzkq04dAwzYNMbe/I9rRjoVCEox5SIAjLvZK1z4aGat/iP2v4Pc1m9diwYwHdqlu+EMBTUBLl6hDYbd4FE0bFcE+HxsQBf2BKUFh9d8d/ekqIxKu6nCqCgZ2f0SmUgFK9oPRtMFzkJvlrllD/PVEDw1eyvdERahq1oPBJ5rImAPoMCrkKRR/DVzyeNW05IrCWXve0Jbwm1D4ztQFydVFFhDnfXBmbL4lJWYDMZMIV5GZvcD7L+zABJkBXpGC//Qasogu5BEDZ/X6y447oDFa/WbJJSP3NIEiV86LJaf1tR/AJ6BMKy3P6LHyRZLgJ+AtChkoqZcfGzD8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:29 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d6A0375CBCE62040A05D70B5CA881B417~YAAQ7fnerQ3Mh3yEAQAAL7wQuhFVi2WJnvQjUItTLiifv/DOeHoJ/aAYydl2O3pYfID9yJ6NQGRdVzGZ5TIsP/C/mze3N+D+pbBxorlw6BcFeKvShliZXUVbxq3Ccom6DPJqOzDV4mY6U/OgRi/OHJr87kNJ+CG3yCE64IIrDmzqvFFHeunYxruz0CUS8QH7YWCqZ3umnEYPKX1EaelTFFpGzsmAwalCpEOgBUnyv7SHH82Gyxx9zSUlktItA+QNGah95ByykSrHVOVjEAcQ0XOpQFUKNbXk4bmsPyaBnb89Wt97AgCImrzPPCTC~3293764~3356467; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:28 GMT; Max-Age\u003d14399; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-27 17:09:29 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-11-27 17:09:29
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/7180ed1f-b547-407e-9b5f-b28ca220df14
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer tHSFpH3mZZ2JEb352Sn2eGibn0ckimF1kTCkO8uqf3s.yRBBSV3tQpjQbbVdSSPl4aJpa7RXShMIuouTyFp2czWiVfhr5ORu32hDcnNW9bA5sP3k8pVOJ9unDEUvDfPgmg.M18xNjY5NTY4OTQ5XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:09:31 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc5480a9d-ca73-494d-92e6-a50dbafdd09b",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638399ca35115331",
  "date": "Sun, 27 Nov 2022 17:09:31 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:3LXQSrx/M/Vvb5bHg27Qv17Exmncvxq9PKwAQfug6hU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d6C27CACE16197B32C63833055B0F0568~-1~YAAQ7fnerRvMh3yEAQAAesEQugj2GhQyl9qN40tmjVpEdx9Glu8fVLqyr2b82kOXnqnFSax8afmVvyTcMJRM3CnB61RtLgObpUKifJM6fN3KS8w5920TvaCCT+hCQfvw9DIAYtBm1y7wvjLglUqYrbZxn+9Ls3x2R1agjTrwcyyR7tBtz508s478p77hnr39V+fogIvix7CBamgBXyrghaErK0G+V+9DHMMS//GYp7zHKBMweHwaHWUi8NzEERRDeRy0yday5puwSmwWWZi6GE/6+wqZhUeOmdQrnI2Ues7VuoOb53PmvShehjZsbOQjzZPrVZUUvOolnTyKjX3XFf/b8GJEu/BsQvcatBZykVZEuB6X/fMXY0BAHJnGxRjhFnMaZUk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:09:31 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d0CC90E8FAF725318C1BB60D8C75ED735~YAAQ7fnerRzMh3yEAQAAesEQuhEog6E5qk0eD15dZqnOGuIv9lN6LLz0TctLLQLpBAPGkZBlRONxjW8I+NUP+uVl/Z3I1sKVS6Y5PmCCjJ0CgTdJnpcDCRnSDiXySNz4+48LX6wpkd7LQZip1EQYtcCmHtmdvOhQ0Sl6B1lZUgcugJ0tOzhT7uEVIWqTTiZo/EaaY9bXYRODvgMwYDMw4nR4yKH9/JqXAqoudQVOsBTAyunF2apoX3U+fpni8qs2ePs+n/pYqO7BP+G7IBYX4Hp6FYBhuK/cTrS7Gh3xA5NC2TQM7vPYWMoDcYa5~3359299~4538691; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:09:29 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-27 17:09:31 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-27 17:09:32
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
GMrU48u7vLySnyu
Test Results