Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-27 18:34:38 INFO
TEST-RUNNER
Test instance h5RcmlX92Fa2SOe created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token token",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
rdCLwWmseshp4
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token
2022-11-27 18:34:38 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 18:34:38
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:34:38 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7ad997e9-7569-4854-90a9-cc23e278bf29",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383adbe35518c81",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 18:34:38 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:zc3xJ6T2XK5hUxAinwnngRViw/xT6CnxuZD6L02+Pms\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d85DD2115473B0FEE143B62C8E9C35783~-1~YAAQTPnerdsWjHWEAQAAU7FeughRuhM2dhjWLdOxU3qvjyY2Ln5F2FUG3DGyNYhoje6797GuXVrak31lpBzqlJVQyly5YBB/5SKUi/zep3Kn1/P16IdP5USFwkLdKidl/WoIOskkx/ZMhClsek/Hb8CaComKhyU78bDOBntFyp7DyBFV8PaqTN92rZIXygNLJ51ro5WNVyooswG7Uxe9hOo0LDI+qnHG7+R+Sznsmmn90/OBian4y5RL2zaI5BD4EzlAKejZNGDBJS3UzeAnYOnIt9Xns9fDC2cmy5Q15/e0lN9HoH0KMrSvwdyjl5dnt+ppJ5J3AbEK69VEz+jfHaPxG49Q0EZkh9hG2I80JG9tCaE8cqGzft3glzBNMzN4AQL35Yw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:38 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d75E4FBF8107EDDFE100F8F6848EDF387~YAAQTPnerdwWjHWEAQAAU7FeuhH1CHst1dMP+42aebnLxlNZgMJJfiFywIDrC0Ai1Nh/7XV4wwwtb8pjURmLpYX46dJRj3IN1vOKewZOpD1Z/M/4Yj2RKM7cjr7gL0kHUCQ0D351KjD+NsaQWlNrkw+tFoyHxlkAKaGn952be36lf2+Lsq6dXmI+AuAQRzXdbb0Qhs1Deg0/eeSlG3Ofao5oj8jG1ckNKAEW7iK1anLLGHIjNXqTWcTkc4vC9dF6jzybSNBG83337/HOsZcXJWWPuzIDWwHth+iUQdmL0bMPzH2HhAz0hgfEAobe~4601141~3163185; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:38 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d114",
    "origin; dur\u003d98"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["realmName","groupIds","family_name","job_title","uid","email","name","preferred_username","given_name","tenantId","employee_id","mobile_number","department","upn","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-27 18:34:38 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "realmName",
  "groupIds",
  "family_name",
  "job_title",
  "uid",
  "email",
  "name",
  "preferred_username",
  "given_name",
  "tenantId",
  "employee_id",
  "mobile_number",
  "department",
  "upn",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-27 18:34:38 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-27 18:34:38 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-27 18:34:38
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-27 18:34:38
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:34:39 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2be732de-378a-4d5b-8c46-68c5aa659ca0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383adbe35518b01",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 18:34:39 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Bu4i6qK87S4ni0vLm0c69zsO2B73brPu+IsOgZ8txZE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB50D33225BB09619BF1C49AA4D7F9D9B~-1~YAAQTPnerQAXjHWEAQAASLNeugiNycNSr0enYRmIR6TEJEu5ELZbLbSSTeImfl4LSNqUjsfnEWZLsrKudPojEcOf2X4/BFGx9csd2a+kHcNpmp2bHMFPEM3nEID/2Gd+2VMHoIQu29D04B76vSDfzrrtptfPYDC+PGzTiJfdwgGdaHrLoawPD4LhLkeCum2YqN09gAmUPqJtSqFGH2iltTA4yge11GY7NYd0VdDQFhnLhdw/ADeczcKDQfwJKTwWeQGy1jrMnp2enShBVDB/fmRzn1NyxpqniIWTMgLNIqWeDt2hJNW8eoWtDnsKSiebV7qaHAn7pJi5rvj0mdUnatVQozyQyrkdURQHI9sMoly5xtdKLozM9XLO+gYXvABZhoWYRmc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:39 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d77A784439771A5F1DBDC7B4E88219AB5~YAAQTPnerQEXjHWEAQAASLNeuhGpXuPKRBGSj8idYnvxcZ/4pBHle+0p8TR32pO+4WynmozEzqUiKxbkeV6Z1DpooEDesCG48DZD2+j1kW03CHUdXAEhPA42YmedvP9G0AKYWLOD1ZUKccYWK3uc17HYY4xngJGszcgCgekOSjlgtvuHUZJSvwdSQJAoO7N+L3/yQlamUYgXfGJYaGsydcIMOSlyoZEBJFJdbDW20jSH+dCVfRGriVwIqHuTLVXpIfkM3WjLWmxsDSshzcyjdeFDycKp/pxq3C3/rJe3JQQv93cR1DnY4hLwD7N4~4601141~3163185; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:38 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d146",
    "origin; dur\u003d274"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 18:34:39
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 18:34:39 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 18:34:39 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 18:34:39 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-27 18:34:39 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-27 18:34:39 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 18:34:39 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-27 18:34:39
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 18:34:39
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 18:34:39 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "-Svng_piSqqGjQ7u57U_tQbD7ueiJT3dS5c_NegwRJM2kj5vrAHNSih_hcyseM5NvAWupRharDmEXtQhMcyGFI06S9prakhvunpFcJ1unxxmUNPvXNEVaF9RkEVUgkJ9m92cpzRst8A_TuTTle8IvHu3HyErUWkwvfwWT5QUqek",
      "kty": "RSA",
      "q": "rui4bolKgqYGlElWT4d-QoZnq8W7j2wjtGAy0ApH1MR1CmKdwBxYhQR_AK_My4Rda59G17_ChlbaXHdrLpnKRXl4FGWiYbTn0BgnvAgIIguZ8lCwUlNo6d_38-C_J9gE_szhEzX10gqaety7XH-_PeeDWDfhSiNZUkxDopYiFm0",
      "d": "JNUWwjS0pCKbWSOkDoqSCltIS-fiwADaFYrYI6rPEwlyezdGyoQTl4Z854xDEMVPAlHwgBdGmRCGSYT_evMPTKxPmRWSIOuzS3dxYlH-9SDd_WlCNo7ULZxCmUyrUeqGI3wx3L2sP_3Q4-yYf2y9rsPESVFqKL-74ofBeQ5dvXM7RFYKybvyWA7pIk4tUjxj0lSooNPfFReeT6rQHugsMUyNlaFQ_OsiuGiw8EBSOHRH6XlExoaBpRwWfeBApfAWE3jb1MX-gWNA7dXumbbo5hhLLrIy3-GSUJf03PVZtz-AssUvldo0eBRRGIob6vFY9RUZAD8Ihk_7BTp_WEotoQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "-AeG1tWMCBrGt9E2aNd5jC43o9oRpcRRRdfQKcPfMhtD0aC0sXtyAlVUJXIz6L371i8GhpZ3QB9k_NSbF7ajLpxDIZL23ifK2ir7G239TxHfqCTWAAQ6AjEgVg4MQeRhSn_OuSXvjogkAkyoK_EH_CgcCDOc6lu98oh3_gMFm-o",
      "dp": "z4Bph7YO_uEttfC2sc115Vph9uV9WYhAbv_gixL2h1UVQAqw0syZWmWJdTJyexRLFgahXyl98Sjg_Fup3R_WlOzbnGmjxFnYebHzfAoPIn_zEOK91kzkiAvBD-U8sFGQ6ylNmM0GsKtvzVKwhY8Pdm-Mm2by_RQdnEl_hvvpjWk",
      "alg": "RS256",
      "dq": "gm9oQn49w4pec6zxIaPQY3npy-5MPduOENCAdCaGhMPw6Eq8i2xYEvJUZ8WyOr8-D6ka4n_NZ_NTKgugMYNclUzNYKCeZLDNAqFQ2GdA8WqnZk4H_4zWOzrbpNIgm2z75KwS2QmvhPCFXURIsOVPT7HbgClD587OqJHZCmFdkE0",
      "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
    }
  ]
}
2022-11-27 18:34:39 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 18:34:39
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-27 18:34:39
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe
2022-11-27 18:34:39
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-27 18:34:39
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-27 18:34:39
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
      }
    ]
  }
}
2022-11-27 18:34:39
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-11-27 18:34:39
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ]
}
2022-11-27 18:34:39
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-27 18:34:39
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-27 18:34:39
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-27 18:34:39
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "791"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-27 18:34:41 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKda451931-056d-4ed5-a8c7-443474c17fdd",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383adbf206b58d5",
  "content-length": "1459",
  "date": "Sun, 27 Nov 2022 18:34:41 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:vXFziswiwTteV7FpOL0Sc0wmS+RNlGn3x2unvxc6+XQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d15779581C120B46869164DEE5C5DC6C6~-1~YAAQTPnerT0XjHWEAQAAD7peugim1SyVdPzxS38EK/AuEK3u/NXrDpvw9ZrjeRUQNE0RIQjvUjObRdSb7UTNNOxXiVlFdptAyvcdxDg+Gzp+xNtrEmPigJyQwYUN5nRhjIElipAmwKH1MdYAK5QBmWcZgTxyJWFksq9pbuY8U2WykInQd7iFht2MZzVIKIQrGax/49BnH8wbh3cZlnsO+EhULOJJpJVeUeREc+QClSp4wPPgaNB0llvSS3Z/t/aiIfZEdVajvsLkk+ugPNoNyD3XqH/3+3OLT73Y1fR5bs7B3udwz/bdWn8RFPKfy4wtSkl2o50cD0sxgY+Uz8Ag5pP8rUcYahSWhpoGSGVjI39oMHQO+tz/dYM5TzN2A3Vv/3oTjRg\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:41 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d644859F6AC50C5D92C330108B74032E6~YAAQTPnerT4XjHWEAQAAD7peuhGDsa1jN07Wr68uNxcY8nCmJAgOimpKVLTHFapJdBD3VGaJB8Mn4ePr6Ctpc8zJ6ZeylCtVn6LYm1KXNq4vBShDTMtfQUiQnedvy4JO7ejYgg7xwygyBfzVdqNg6M0aFgxe1+1SbhjE9W70IeqMGJNlQOKCwojk/sms6/dWIuvZbw/LggT4Qir/fLsrnus7oyDs/N4MoXOjd2in/Sqk/Gk+dDnNMUc8T9KCFqPw8aML5zKzxsGmS/EFGYOSL6z6BJ7wZ8nDVErjQGVeNFpp7RMqvbxLaai7FzcP~3225145~4403512; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:39 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d200",
    "origin; dur\u003d1379"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"cf3166cf-8b67-4483-90be-48755bc883aa","client_id_issued_at":"2022-11-27T18:34:39Z","client_name":"Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe","client_secret":"wb8ZwCYUz4","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"fJCyNtQLX4wFFmstrlRqasJk3YzriPls3-6YQ6iCAwI.Xs9iEwswUUXzO7R4PYnvty4Fq7J4GJApoiV9m3142w4DnsyIiU12Om-w5r27kJEyV_Cy2f4NPWN3oInefTQ_kQ.M18xNjY5NTc0MDgwXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cf3166cf-8b67-4483-90be-48755bc883aa","response_types":["code token id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
2022-11-27 18:34:41
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKda451931-056d-4ed5-a8c7-443474c17fdd",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383adbf206b58d5",
  "content-length": "1459",
  "date": "Sun, 27 Nov 2022 18:34:41 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:vXFziswiwTteV7FpOL0Sc0wmS+RNlGn3x2unvxc6+XQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d15779581C120B46869164DEE5C5DC6C6~-1~YAAQTPnerT0XjHWEAQAAD7peugim1SyVdPzxS38EK/AuEK3u/NXrDpvw9ZrjeRUQNE0RIQjvUjObRdSb7UTNNOxXiVlFdptAyvcdxDg+Gzp+xNtrEmPigJyQwYUN5nRhjIElipAmwKH1MdYAK5QBmWcZgTxyJWFksq9pbuY8U2WykInQd7iFht2MZzVIKIQrGax/49BnH8wbh3cZlnsO+EhULOJJpJVeUeREc+QClSp4wPPgaNB0llvSS3Z/t/aiIfZEdVajvsLkk+ugPNoNyD3XqH/3+3OLT73Y1fR5bs7B3udwz/bdWn8RFPKfy4wtSkl2o50cD0sxgY+Uz8Ag5pP8rUcYahSWhpoGSGVjI39oMHQO+tz/dYM5TzN2A3Vv/3oTjRg\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:41 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d644859F6AC50C5D92C330108B74032E6~YAAQTPnerT4XjHWEAQAAD7peuhGDsa1jN07Wr68uNxcY8nCmJAgOimpKVLTHFapJdBD3VGaJB8Mn4ePr6Ctpc8zJ6ZeylCtVn6LYm1KXNq4vBShDTMtfQUiQnedvy4JO7ejYgg7xwygyBfzVdqNg6M0aFgxe1+1SbhjE9W70IeqMGJNlQOKCwojk/sms6/dWIuvZbw/LggT4Qir/fLsrnus7oyDs/N4MoXOjd2in/Sqk/Gk+dDnNMUc8T9KCFqPw8aML5zKzxsGmS/EFGYOSL6z6BJ7wZ8nDVErjQGVeNFpp7RMqvbxLaai7FzcP~3225145~4403512; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:39 GMT; Max-Age\u003d14398; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d200",
    "origin; dur\u003d1379"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"cf3166cf-8b67-4483-90be-48755bc883aa","client_id_issued_at":"2022-11-27T18:34:39Z","client_name":"Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe","client_secret":"wb8ZwCYUz4","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"fJCyNtQLX4wFFmstrlRqasJk3YzriPls3-6YQ6iCAwI.Xs9iEwswUUXzO7R4PYnvty4Fq7J4GJApoiV9m3142w4DnsyIiU12Om-w5r27kJEyV_Cy2f4NPWN3oInefTQ_kQ.M18xNjY5NTc0MDgwXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cf3166cf-8b67-4483-90be-48755bc883aa","response_types":["code token id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "client_id_issued_at": "2022-11-27T18:34:39Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One h5RcmlX92Fa2SOe",
  "client_secret": "wb8ZwCYUz4",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "qj5aqKivE0A_efFAsaKYOCNveWLcvKFNxPoy2gw37mNLB6tAJSwupYdK-4aAdgNtK8zY6WjI67VitO7ZDgCVDmH4em7g-Pk7uoCHqPbeh0zOu7iRclw80RVTmqmw26cZS4eP7qivvXNw0fgHAXLd9Sg6KAES6AoMyaFbPvRVNze-bLhXeSBM6JPwvrglde9GoHGMS9e4CiijOU_Sz4nLaHmPxwCBltjDO7dlOmXGsW35OIrurSqmxrXbcz8TN_G1UlhzPL8npJ2wr_rSnk4pAgj835IeADqw906riv1FQoYR2eIQxc-dD-OBOiHsAZJxjrk7H32uXk9WTZ1a6lheNQ",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "fJCyNtQLX4wFFmstrlRqasJk3YzriPls3-6YQ6iCAwI.Xs9iEwswUUXzO7R4PYnvty4Fq7J4GJApoiV9m3142w4DnsyIiU12Om-w5r27kJEyV_Cy2f4NPWN3oInefTQ_kQ.M18xNjY5NTc0MDgwXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cf3166cf-8b67-4483-90be-48755bc883aa",
  "response_types": [
    "code token id_token"
  ],
  "token_endpoint_auth_method": "client_secret_basic",
  "token_map": []
}
2022-11-27 18:34:41 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-27 18:34:41 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-27 18:34:41 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-27 18:34:41 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
cf3166cf-8b67-4483-90be-48755bc883aa
2022-11-27 18:34:41 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cf3166cf-8b67-4483-90be-48755bc883aa
registration_access_token
fJCyNtQLX4wFFmstrlRqasJk3YzriPls3-6YQ6iCAwI.Xs9iEwswUUXzO7R4PYnvty4Fq7J4GJApoiV9m3142w4DnsyIiU12Om-w5r27kJEyV_Cy2f4NPWN3oInefTQ_kQ.M18xNjY5NTc0MDgwXzE4
2022-11-27 18:34:41
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-27 18:34:41
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-27 18:34:41 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-27 18:34:41
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-27 18:34:41
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client Two
2022-11-27 18:34:41 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "2cTAUqNvqucvGiMkXr-_jRJbYS8IDNTCaJEBejEiKoVchwC8DX3PsGtDGz-ggiCDM27tQn6YCtJZ91TamFNVaBcTnij7pNJDQnMwm7QFIfgtPnMGvELGfSIzWKlKhnpxyFJm_O65g_txGojbFpJ7_xXvxOVKOdrKbwYup0ryRBU",
      "kty": "RSA",
      "q": "xU28ib39Dkwx98igUcGwuczlzTpOaaZCOsMxasnYtTlE_zZXZc66_yrETPloqEpN1AM31G91oeN9djEvpz2N4dIjvLBEBX3Rf4HriMq1Lri4tLB7KdZO4Hyc2Lj9uK0kG5YGlhEbEIOA2fFuNKRzLufaXqZthELl1HFxuMIH5X8",
      "d": "DFlWluDYiAYebS1-fUpKbJQwqjU8pMG3oQgqpJpDgGXrySn6iDqUfoceddOJ41tfzGnw_pzp7kJFIsdr5ZmUl7ak0bfJs6aR6CvFa3_mFBT1K05qMHXklm6NyMnGya1RTfeuLUJlfR0hhnmK6655sQmaaIKJTLoqpgbIAdMC9JfAOtUDzCmLcMnWmyNyQazdhxSn6Vdt_IXLMxBjckELWyngvS16XoYaZbYH9J0PyK76Ql_q2Sr2I5ZJqR4PBkp6u2YEvq7AtJYYwaCI2Fpwwf49BWAMDjcZDZ3NJmhrGdfk8pBuM361W2ZFGAPMrteeFMYCTBaqIxp_DE3FqTdSkQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "bm3kXa2NkyvAsiIMBp3hNyf_-3gVWP1LwmpdolSEoCusg-b-FEhItwM4cJuKDGew8EoNLzvVOcOVNsPXy86WaI-qVpjovufnOIHDauRbel1Qxzm85HfQkI2QF7aWhjPhb3VIHTk_CcIckqPCIfprjxKXH-4KKqpVqDdjzWIkxiI",
      "dp": "uJtPQn7kWifzSSADZAL_GlM2ffNFysLOL6DFdNWUFiHJ53Ra9sDxwKedUsskgUuYjZB6t4Tj1UCvHbmkOb9jRoNRkSFC-l14wSsvSL9aHorpp-gRDKU66LeGeaHB2LCSJnScc8zYHaeZIRplSART81GgWfTacKMmOuotwIoLSGU",
      "alg": "RS256",
      "dq": "RRPXW55R18yjfe4W-yjGF_b9yeGNDH4yF-K5DXtHzQMU_glnhfRgEfBGM_DqTGlfYEgUJuMzGw_LoDLOTU5Gu3ZYHrrTxdxsGalB7m2SC56OxGw5YsdubDgUrefupNaxmprnCWlJwXlZBnT5saKV1SlFkffQxgqp7rwdJaOBIj8",
      "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
    }
  ]
}
2022-11-27 18:34:41 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 18:34:41
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-27 18:34:41
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe
2022-11-27 18:34:41
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-27 18:34:41
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-27 18:34:41
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
      }
    ]
  }
}
2022-11-27 18:34:41
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-11-27 18:34:41
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ]
}
2022-11-27 18:34:41
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-27 18:34:41
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-27 18:34:41
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2022-11-27 18:34:41
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "791"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-27 18:34:42 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK9e5910d5-f69e-495e-acb1-3880fb46d9d0",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383adc1355190d1",
  "content-length": "1459",
  "date": "Sun, 27 Nov 2022 18:34:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:fyzHWGoh/l6byGxH6rWt7OOqUxNUNNvXW2iu8DOYaX0\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBDB865ACC315D2E0811CFA0D688A09B3~-1~YAAQTPnerWgXjHWEAQAAg79eugjVioSRZYRuYzNWu2lv9JAv6T9Bxlux8THBAlZGE1KMvKkd2UlHECyf/OJsjqGAmhR9wdmeGh2RSpiDpD13bTGnt8awx9HiHlffcKRFgmCvUcWrxMTy/3GNkP4c8hNitsoiVxvyQhMtYZdfzIXZ2JWoGbC1/q61+9l4PRID2R/qUoZ7gFVftcbvUD8V1YoDE4gH2UX3gvQZ1/5/U+1232zNTgwLmAs11zWchCdz7c9QYBDyC9/YMjv13dprw+4IsdVVmjqj8fCPUBbvEZ312YUL2yovTuDSdMNV12JCLXMFdHNbV0VivVS5pV7oxHm7q93bdZBa0vbfocYGC6JhnIC1DnWApi4/fgwWe3Jx6cyquI4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE63A83F1CED01A45B40C1FB22A9F41C8~YAAQTPnerWkXjHWEAQAAg79euhHQTKTJ1fiVIOa86I84fiNdAnGdCC7n33XS1Ji+yxdZ4PcpXPLSMxRSlv1auqY83y1BdgJgLnqNkPaBUvAcN+9HimCnksEd7Sun4RnTEQdV4Rtxqdk0NyMLP2qyaie6QCUBF5iUc9o56NOhWPFG/osN4js6HaxtsirDVr51lsDHkLx64nSZ8mrJ7Si2mpYNjTnJ1hVcTAeeultdVUCf7ZKZzYTkdirUEOOhZlfIwMyW/IqGHml/nuBPCqzi71vWEzPCWZRL8J1V2HpbkLUhwSi8FYyEeQpacCn9~4273972~3225649; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:41 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d98",
    "origin; dur\u003d966"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"eb9f83a7-9bdf-4c2b-8214-e39a9424016b","client_id_issued_at":"2022-11-27T18:34:41Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe","client_secret":"QjkGBznyqE","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"QvdhbAUEBsKDx-vwlNfmISPvW6JhlaNitIxDggNQdtU.3CTl2k2VL178R_enMMNddL4Hz1xth0AdLoSR05fJBLbzkidlpYfjkRgy-O4i7jyfA_Wddz-1nBH6yHJK-aQWdw.M18xNjY5NTc0MDgyXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/eb9f83a7-9bdf-4c2b-8214-e39a9424016b","response_types":["code token id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
2022-11-27 18:34:42
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK9e5910d5-f69e-495e-acb1-3880fb46d9d0",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383adc1355190d1",
  "content-length": "1459",
  "date": "Sun, 27 Nov 2022 18:34:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:fyzHWGoh/l6byGxH6rWt7OOqUxNUNNvXW2iu8DOYaX0\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBDB865ACC315D2E0811CFA0D688A09B3~-1~YAAQTPnerWgXjHWEAQAAg79eugjVioSRZYRuYzNWu2lv9JAv6T9Bxlux8THBAlZGE1KMvKkd2UlHECyf/OJsjqGAmhR9wdmeGh2RSpiDpD13bTGnt8awx9HiHlffcKRFgmCvUcWrxMTy/3GNkP4c8hNitsoiVxvyQhMtYZdfzIXZ2JWoGbC1/q61+9l4PRID2R/qUoZ7gFVftcbvUD8V1YoDE4gH2UX3gvQZ1/5/U+1232zNTgwLmAs11zWchCdz7c9QYBDyC9/YMjv13dprw+4IsdVVmjqj8fCPUBbvEZ312YUL2yovTuDSdMNV12JCLXMFdHNbV0VivVS5pV7oxHm7q93bdZBa0vbfocYGC6JhnIC1DnWApi4/fgwWe3Jx6cyquI4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE63A83F1CED01A45B40C1FB22A9F41C8~YAAQTPnerWkXjHWEAQAAg79euhHQTKTJ1fiVIOa86I84fiNdAnGdCC7n33XS1Ji+yxdZ4PcpXPLSMxRSlv1auqY83y1BdgJgLnqNkPaBUvAcN+9HimCnksEd7Sun4RnTEQdV4Rtxqdk0NyMLP2qyaie6QCUBF5iUc9o56NOhWPFG/osN4js6HaxtsirDVr51lsDHkLx64nSZ8mrJ7Si2mpYNjTnJ1hVcTAeeultdVUCf7ZKZzYTkdirUEOOhZlfIwMyW/IqGHml/nuBPCqzi71vWEzPCWZRL8J1V2HpbkLUhwSi8FYyEeQpacCn9~4273972~3225649; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:41 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d98",
    "origin; dur\u003d966"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"eb9f83a7-9bdf-4c2b-8214-e39a9424016b","client_id_issued_at":"2022-11-27T18:34:41Z","client_name":"Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe","client_secret":"QjkGBznyqE","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"QvdhbAUEBsKDx-vwlNfmISPvW6JhlaNitIxDggNQdtU.3CTl2k2VL178R_enMMNddL4Hz1xth0AdLoSR05fJBLbzkidlpYfjkRgy-O4i7jyfA_Wddz-1nBH6yHJK-aQWdw.M18xNjY5NTc0MDgyXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/eb9f83a7-9bdf-4c2b-8214-e39a9424016b","response_types":["code token id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "client_id_issued_at": "2022-11-27T18:34:41Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client Two h5RcmlX92Fa2SOe",
  "client_secret": "QjkGBznyqE",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "p9aIjxnFOPJu0IiHoi2kaa6FEI8R1oC17RbPups9npou4gtziOzR3tnvD7bu2KyaljscYSZcHs2ISN57pdNO9d9TKHyf4JXL56rtl5bA0mXJb_9xO_7-bK7IpTFZ58vq8DtBkB3gVRVFGi1OiDJm9__CGmH-eXEMbu2GxkrKyGfPakItPvzJ435X8gkkueE1xjS0aRck01kkfUTCgYk9nmrxTPXohZXiOVtFiUF2UoquifBG3-vfYyZixJCuAwFJKUhZ7iO1G6u18cfcVvqBxOm4S2GyMJxIGo7u0fXuXZPqMmcIHKdJU39ptyzEt_V-SMHp5SwgvrDonqNYq6mPaw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "QvdhbAUEBsKDx-vwlNfmISPvW6JhlaNitIxDggNQdtU.3CTl2k2VL178R_enMMNddL4Hz1xth0AdLoSR05fJBLbzkidlpYfjkRgy-O4i7jyfA_Wddz-1nBH6yHJK-aQWdw.M18xNjY5NTc0MDgyXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "response_types": [
    "code token id_token"
  ],
  "token_endpoint_auth_method": "client_secret_basic",
  "token_map": []
}
2022-11-27 18:34:42 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-27 18:34:42 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-27 18:34:42 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-27 18:34:42 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
eb9f83a7-9bdf-4c2b-8214-e39a9424016b
2022-11-27 18:34:42 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/eb9f83a7-9bdf-4c2b-8214-e39a9424016b
registration_access_token
QvdhbAUEBsKDx-vwlNfmISPvW6JhlaNitIxDggNQdtU.3CTl2k2VL178R_enMMNddL4Hz1xth0AdLoSR05fJBLbzkidlpYfjkRgy-O4i7jyfA_Wddz-1nBH6yHJK-aQWdw.M18xNjY5NTc0MDgyXzE4
2022-11-27 18:34:42
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-27 18:34:42
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
scopes supported does not contain 'offline_access' so not adding it to the list of scopes to be requested
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
2022-11-27 18:34:42 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-27 18:34:42 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-27 18:34:42
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-11-27 18:34:42 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
cf3166cf-8b67-4483-90be-48755bc883aa
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-27 18:34:42
CreateRandomStateValue
Created state value
requested_state_length
10
state
tLvMgFF3mo
2022-11-27 18:34:42 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
cf3166cf-8b67-4483-90be-48755bc883aa
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
tLvMgFF3mo
2022-11-27 18:34:42
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
ZrOH1STrnl
2022-11-27 18:34:42 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
cf3166cf-8b67-4483-90be-48755bc883aa
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
tLvMgFF3mo
nonce
ZrOH1STrnl
2022-11-27 18:34:42 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
cf3166cf-8b67-4483-90be-48755bc883aa
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
tLvMgFF3mo
nonce
ZrOH1STrnl
response_type
code id_token token
2022-11-27 18:34:42 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-27 18:34:42 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "tLvMgFF3mo",
  "nonce": "ZrOH1STrnl",
  "response_type": "code id_token token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=cf3166cf-8b67-4483-90be-48755bc883aa&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=tLvMgFF3mo&nonce=ZrOH1STrnl&response_type=code%20id_token%20token
2022-11-27 18:34:42 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=cf3166cf-8b67-4483-90be-48755bc883aa&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=tLvMgFF3mo&nonce=ZrOH1STrnl&response_type=code%20id_token%20token
2022-11-27 18:34:54 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 18:34:54 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/ZNKw2ERxVZ9C8CFTQ8ix",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/ZNKw2ERxVZ9C8CFTQ8ix"
}
2022-11-27 18:34:54 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance h5RcmlX92Fa2SOe
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/ZNKw2ERxVZ9C8CFTQ8ix, returnUrl=/log-detail.html?log=h5RcmlX92Fa2SOe}]
outgoing_path
callback
2022-11-27 18:34:54 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/ZNKw2ERxVZ9C8CFTQ8ix
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close",
  "content-length": "1537"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/ZNKw2ERxVZ9C8CFTQ8ix
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=Y7wzY-VvRbUHvJj4QjGzmaxqLiH2SWCVmHCGkj5HRgs.5ZtE14dORnEYB24JmtyqVOpj9PdbyGaxyzMwlssmE3H7_fb94qtkz2Rkbmeor-WNs-mKPustLEkgq_8N4CXV6g.M18xNjY5NTc0MDkzXzE4&code=yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA&expires_in=7200&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid&state=tLvMgFF3mo&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 18:34:54 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance h5RcmlX92Fa2SOe
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/ZNKw2ERxVZ9C8CFTQ8ix
2022-11-27 18:34:54
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "Y7wzY-VvRbUHvJj4QjGzmaxqLiH2SWCVmHCGkj5HRgs.5ZtE14dORnEYB24JmtyqVOpj9PdbyGaxyzMwlssmE3H7_fb94qtkz2Rkbmeor-WNs-mKPustLEkgq_8N4CXV6g.M18xNjY5NTc0MDkzXzE4"
  },
  {
    "name": "code",
    "value": "yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA"
  },
  {
    "name": "expires_in",
    "value": "7200"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid"
  },
  {
    "name": "state",
    "value": "tLvMgFF3mo"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-27 18:34:54 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
Y7wzY-VvRbUHvJj4QjGzmaxqLiH2SWCVmHCGkj5HRgs.5ZtE14dORnEYB24JmtyqVOpj9PdbyGaxyzMwlssmE3H7_fb94qtkz2Rkbmeor-WNs-mKPustLEkgq_8N4CXV6g.M18xNjY5NTc0MDkzXzE4
code
yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid
state
tLvMgFF3mo
token_type
bearer
2022-11-27 18:34:54 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "Y7wzY-VvRbUHvJj4QjGzmaxqLiH2SWCVmHCGkj5HRgs.5ZtE14dORnEYB24JmtyqVOpj9PdbyGaxyzMwlssmE3H7_fb94qtkz2Rkbmeor-WNs-mKPustLEkgq_8N4CXV6g.M18xNjY5NTc0MDkzXzE4",
  "code": "yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA",
  "expires_in": "7200",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid",
  "state": "tLvMgFF3mo",
  "token_type": "bearer"
}
post_body
Verify authorization endpoint response
2022-11-27 18:34:54 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-27 18:34:54 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-27 18:34:54 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-27 18:34:54 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-27 18:34:54 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-27 18:34:54 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
tLvMgFF3mo
2022-11-27 18:34:54 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA
2022-11-27 18:34:54 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
Y7wzY-VvRbUHvJj4QjGzmaxqLiH2SWCVmHCGkj5HRgs.5ZtE14dORnEYB24JmtyqVOpj9PdbyGaxyzMwlssmE3H7_fb94qtkz2Rkbmeor-WNs-mKPustLEkgq_8N4CXV6g.M18xNjY5NTc0MDkzXzE4
type
bearer
2022-11-27 18:34:54 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "evf7prLJK-HqarI_MhwSZQ",
  "sub": "6160017N67",
  "rat": 1669574091,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "ZrOH1STrnl",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "c_hash": "F4XbSJcmoR_EihrvMkpIeQ",
  "s_hash": "5Vyr4rcyzUwNlfPgkBP_FA",
  "auth_time": 1669573606,
  "name": "ISV Dev",
  "exp": 1669581293,
  "iat": 1669574093,
  "jti": "a83c1a05-cd76-493c-a0d9-c152fdf58237"
}
2022-11-27 18:34:54 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 18:34:54
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 18:34:54
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 18:34:54
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:34:54
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 18:34:54
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 18:34:54 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 18:34:54 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
ZrOH1STrnl
2022-11-27 18:34:54 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 18:34:54 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw
2022-11-27 18:34:54 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJldmY3cHJMSkstSHFhcklfTWh3U1pRIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6IkY0WGJTSmNtb1JfRWlocnZNa3BJZVEiLCJleHAiOjE2Njk1ODEyOTMsImlhdCI6MTY2OTU3NDA5MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiYTgzYzFhMDUtY2Q3Ni00OTNjLWEwZDktYzE1MmZkZjU4MjM3IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6IlpyT0gxU1RybmwiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDA5MSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiNVZ5cjRyY3l6VXdObGZQZ2tCUF9GQSIsInN1YiI6IjYxNjAwMTdONjcifQ.Vq5joNPr69sru1yi8qIg-PomyWTQmizrOOeeL7SpXr8SJLKmoMfgklwD-12QDWveioOK9SjfXPacPgRSy1Pwr1GMeI1i-okU36DqRbQWVxF2sZeZLV2MQboIWu8b0EYhfo9UXDINvu6cpRDZZluUxHJUE_A6rgTQROfHwbC1oGZUzAUaPapdUJ6NDbh5jwtOeDynTCR916WuaF8n3vZyvenPXIgVCsYF94xO2EXJ2H9GeIukH92WHFxhK2TwMB311SbDVtTnSgeutedTtdnhXjSGq0kO9LGSYE9HrulWTgb5UijrSAf26Mlqf8b2ekl9I76TA98GUvoKx-HTIMtSPw
2022-11-27 18:34:54 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 18:34:54
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 18:34:54 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Userinfo endpoint tests
2022-11-27 18:34:54
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer Y7wzY-VvRbUHvJj4QjGzmaxqLiH2SWCVmHCGkj5HRgs.5ZtE14dORnEYB24JmtyqVOpj9PdbyGaxyzMwlssmE3H7_fb94qtkz2Rkbmeor-WNs-mKPustLEkgq_8N4CXV6g.M18xNjY5NTc0MDkzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:34:55 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa0b56239-b96f-46b2-ab18-37005ac453ad",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383adcf07ca267d",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:34:55 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:y6OPIhiIyH4sl8wgq8uvCG6fuQqWickykaM6coo5F/U\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB46D20D8D9DF527BA1950C87199C91AF~-1~YAAQJHYGFyGJ44SEAQAAu/FeugjYlEA/3NDc2jhlsnANgVWnt7JkpvSE/3SPKWWs2nnn8KWVNTH+8g4nfneyqR+9/gbQuJ75aK0nd8MIYmtUzUF3CBzDMPj43kN+QQoTc5iIvBtVs0mb2pHn7dmrQXUUICJpW+KX6Ive2IeBauDRFnXnCcJ6O0jPnVKavYpc3yXfHz7xLly2h9LWLsKgLCSllIjRjdUDJPbN8Itgrq3IKmjeF9n0vjDpOVfVrEIWDuLzr3SzmWgOHBzZc79ZMszEcWZVx6non1FPsiA4nlkKyPjXE+JZ34V+wNzKfLYJjFTTsNsy5upQ2tipKkVnxpMZay7w09RH5bGb+d0yQcLB8vNA8d7+NS6vm5gTnwoZfsGe9qU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:55 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dBE8C2DBF75554E72B39A28C0BECB0F7F~YAAQJHYGFyKJ44SEAQAAu/FeuhHWLaodSsXmS8kgi/WcC5W5NWg3HIY80/RkOiBa7L3oOq37GdqUTaueWPA4hHgDoiDd860kZo70kYYogcfecyt/y2SyBbLwPNvLUC7YxcB2wFPjtWVXekK+8t2WTly06Nf6B2BtwgO++ddkO4Dyu2JleDUPuM5wdRO6x06cYv8LcVrIbW0I1SIvhzTo18Gm+4QIu7Uip4qvuHPUqDDlJhj2NkRp4vHJxl7nRBjoKg1TfxLh0z9w4VHF0Iho5VS0ruOWTCH3W/z2jeO6BfMNppre4OkWaKRV0yCd~3486529~3159604; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:54 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d471",
    "origin; dur\u003d112"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["cf3166cf-8b67-4483-90be-48755bc883aa"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574091,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:34:55 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa0b56239-b96f-46b2-ab18-37005ac453ad",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383adcf07ca267d",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:34:55 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:y6OPIhiIyH4sl8wgq8uvCG6fuQqWickykaM6coo5F/U\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB46D20D8D9DF527BA1950C87199C91AF~-1~YAAQJHYGFyGJ44SEAQAAu/FeugjYlEA/3NDc2jhlsnANgVWnt7JkpvSE/3SPKWWs2nnn8KWVNTH+8g4nfneyqR+9/gbQuJ75aK0nd8MIYmtUzUF3CBzDMPj43kN+QQoTc5iIvBtVs0mb2pHn7dmrQXUUICJpW+KX6Ive2IeBauDRFnXnCcJ6O0jPnVKavYpc3yXfHz7xLly2h9LWLsKgLCSllIjRjdUDJPbN8Itgrq3IKmjeF9n0vjDpOVfVrEIWDuLzr3SzmWgOHBzZc79ZMszEcWZVx6non1FPsiA4nlkKyPjXE+JZ34V+wNzKfLYJjFTTsNsy5upQ2tipKkVnxpMZay7w09RH5bGb+d0yQcLB8vNA8d7+NS6vm5gTnwoZfsGe9qU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:55 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dBE8C2DBF75554E72B39A28C0BECB0F7F~YAAQJHYGFyKJ44SEAQAAu/FeuhHWLaodSsXmS8kgi/WcC5W5NWg3HIY80/RkOiBa7L3oOq37GdqUTaueWPA4hHgDoiDd860kZo70kYYogcfecyt/y2SyBbLwPNvLUC7YxcB2wFPjtWVXekK+8t2WTly06Nf6B2BtwgO++ddkO4Dyu2JleDUPuM5wdRO6x06cYv8LcVrIbW0I1SIvhzTo18Gm+4QIu7Uip4qvuHPUqDDlJhj2NkRp4vHJxl7nRBjoKg1TfxLh0z9w4VHF0Iho5VS0ruOWTCH3W/z2jeO6BfMNppre4OkWaKRV0yCd~3486529~3159604; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:54 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d471",
    "origin; dur\u003d112"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["cf3166cf-8b67-4483-90be-48755bc883aa"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574091,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:34:55 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 18:34:55 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 18:34:55 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic Y2YzMTY2Y2YtOGI2Ny00NDgzLTkwYmUtNDg3NTViYzg4M2FhOndiOFp3Q1lVejQ=
2022-11-27 18:34:55
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic Y2YzMTY2Y2YtOGI2Ny00NDgzLTkwYmUtNDg3NTViYzg4M2FhOndiOFp3Q1lVejQ\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=yeL6Tjh7WvlGcLO7BMnurgiCzRlPL6BTXJ78zt4K2nA.GY_labhdGl188hfFmFMjmFATgioBfGifMLfUpdef2CcPR8kdt6FWnXr2kRfFoB3xqqVMAj13Wz7FKXnrGu2RaA&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-27 18:34:55 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKe39f7c8d-0988-441d-aff2-8ee3af7334cb",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383adcf3551bfe1",
  "content-length": "1498",
  "date": "Sun, 27 Nov 2022 18:34:55 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:px10WfMOONggi8TOGG9SzO9zw/qx384Dim5xTEUWIFI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB93CB895F089B47663E5EC1A0F120CEE~-1~YAAQJHYGFzaJ44SEAQAAdPNeugj/pB5IW9zDNsRlb1arb9vTjLwbJ0BsGK8IHwoJ3rH57iXIMdpMSX2KQVgb1koiuowQBwmvJR9aPWzMQ7x1QstxvTJ1OiDYbH/GIgWT2a9hdl2w2HYETm73W8w5b2UsefbUGqVNYnxoS/iFid6hEd5m1Nc0SrIYjpFrPy3dCNpejifGafWFbwDD5FBN/mKhqGDfutDyFCf1Hg8U2nos7iIuiC3FxNweF69WoRrtD9G0sgqzXiWPneIr1xAsqtEYAeAtjbB9j5r/ZY5V8uVIwgT61KRmXNLJbdvjVp+ImwvMBA5S0SeFDhkUcMNKYcc/BcNMGLo2v3IXhqwZiunnvbd/eDoWtZXcR2q1o8v+cicg/VQ\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:55 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3FD3E9828DAB84A4E0B16C832B0CD304~YAAQJHYGFzeJ44SEAQAAdPNeuhGziXakk/cf7kgb34HpR1/3WTDBOsEZ4Wu67/fu+/RetOYdUQhfcbw7xgDhmmXLjy+EU18ioQvuDP+R70v5ulbJtf9UQG1j5rP/tED+HqSx+OfRshaySIjFNX0AIHOVBkz8B7vBN1h1YmrtEtSTGsYxyWghWk6ow1oBfBWR+oxD5xHdEh/4pG9sw2dSTgdHvCuw0J+WB41YlPRWOzManCEyZ9nEbMcRgZZBkwdYbZIpdm6B4Ktil5iqnYGV4NVnVWt/9L9roEXXnaaYIWxgckvn0OwdrvBI5nuv~3753273~4403765; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:55 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d147",
    "origin; dur\u003d225"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"AP4C8aw3iFP5CQD66uPKEhidWJml4ln12OODdvjMRc8.XCc9mXpwZMUz4vsXgVfGKEe0L_D0d_BrtYNvcrTtnps7tOem2dBriXWtneVZHNm69E6Np5UABpxgN4V7AWz3rA.M18xNjY5NTc0MDk1XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDZEh1cUh4M0Y4Mlk4djFwZU5WaU93IiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NSwiaWF0IjoxNjY5NTc0MDk1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI2NGY2YWJjNC1hYjc5LTRjN2EtOGFiNi04MmU5NzdjMDA1YzMiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWnJPSDFTVHJubCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSFdWSnlIdTRCUE5mYVFMdm1RZEw2USIsInNfaGFzaCI6IjVWeXI0cmN5elV3TmxmUGdrQlBfRkEiLCJzdWIiOiI2MTYwMDE3TjY3In0.O20giyfXNW0cVZ8uDR1mPxWkMaPOMcD8MjBiBd3ZrqgSwALKNqeK5-W9vbsVzp_5sao7Pe-0z1hPvkYezJN-EI6rxhKPrFH2wVU1H2wmTpDKMw11PKBycy-FIUPKZJFc_ydsoTR4rRLVd42v-rwx7hMeRWTvaGfgP_3Goga7n1_CgTz0HPdfvO3VwJmRtzpkI0qOL-1syZl0j1b3W4yUF_hBoYf24qvt6WrA7dw5OJLyPd6VKk_8oiJLfEkWOfAThsUHsbwJyxzAUSuDh_8xX4utkF8fpG7cLx6y_AK2zvENaF0ZIy26UG9MhZwDHE7ORoOkeDAb-7JRrxOqEJz1yA","refresh_token":"Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 18:34:55 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
AP4C8aw3iFP5CQD66uPKEhidWJml4ln12OODdvjMRc8.XCc9mXpwZMUz4vsXgVfGKEe0L_D0d_BrtYNvcrTtnps7tOem2dBriXWtneVZHNm69E6Np5UABpxgN4V7AWz3rA.M18xNjY5NTc0MDk1XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDZEh1cUh4M0Y4Mlk4djFwZU5WaU93IiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NSwiaWF0IjoxNjY5NTc0MDk1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI2NGY2YWJjNC1hYjc5LTRjN2EtOGFiNi04MmU5NzdjMDA1YzMiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWnJPSDFTVHJubCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSFdWSnlIdTRCUE5mYVFMdm1RZEw2USIsInNfaGFzaCI6IjVWeXI0cmN5elV3TmxmUGdrQlBfRkEiLCJzdWIiOiI2MTYwMDE3TjY3In0.O20giyfXNW0cVZ8uDR1mPxWkMaPOMcD8MjBiBd3ZrqgSwALKNqeK5-W9vbsVzp_5sao7Pe-0z1hPvkYezJN-EI6rxhKPrFH2wVU1H2wmTpDKMw11PKBycy-FIUPKZJFc_ydsoTR4rRLVd42v-rwx7hMeRWTvaGfgP_3Goga7n1_CgTz0HPdfvO3VwJmRtzpkI0qOL-1syZl0j1b3W4yUF_hBoYf24qvt6WrA7dw5OJLyPd6VKk_8oiJLfEkWOfAThsUHsbwJyxzAUSuDh_8xX4utkF8fpG7cLx6y_AK2zvENaF0ZIy26UG9MhZwDHE7ORoOkeDAb-7JRrxOqEJz1yA
refresh_token
Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4
scope
openid
token_type
bearer
2022-11-27 18:34:55 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 18:34:55 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
AP4C8aw3iFP5CQD66uPKEhidWJml4ln12OODdvjMRc8.XCc9mXpwZMUz4vsXgVfGKEe0L_D0d_BrtYNvcrTtnps7tOem2dBriXWtneVZHNm69E6Np5UABpxgN4V7AWz3rA.M18xNjY5NTc0MDk1XzE4
2022-11-27 18:34:55 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
AP4C8aw3iFP5CQD66uPKEhidWJml4ln12OODdvjMRc8.XCc9mXpwZMUz4vsXgVfGKEe0L_D0d_BrtYNvcrTtnps7tOem2dBriXWtneVZHNm69E6Np5UABpxgN4V7AWz3rA.M18xNjY5NTc0MDk1XzE4
type
bearer
2022-11-27 18:34:55 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-27 18:34:55 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-27 18:34:55 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4
2022-11-27 18:34:55 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDZEh1cUh4M0Y4Mlk4djFwZU5WaU93IiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NSwiaWF0IjoxNjY5NTc0MDk1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI2NGY2YWJjNC1hYjc5LTRjN2EtOGFiNi04MmU5NzdjMDA1YzMiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWnJPSDFTVHJubCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSFdWSnlIdTRCUE5mYVFMdm1RZEw2USIsInNfaGFzaCI6IjVWeXI0cmN5elV3TmxmUGdrQlBfRkEiLCJzdWIiOiI2MTYwMDE3TjY3In0.O20giyfXNW0cVZ8uDR1mPxWkMaPOMcD8MjBiBd3ZrqgSwALKNqeK5-W9vbsVzp_5sao7Pe-0z1hPvkYezJN-EI6rxhKPrFH2wVU1H2wmTpDKMw11PKBycy-FIUPKZJFc_ydsoTR4rRLVd42v-rwx7hMeRWTvaGfgP_3Goga7n1_CgTz0HPdfvO3VwJmRtzpkI0qOL-1syZl0j1b3W4yUF_hBoYf24qvt6WrA7dw5OJLyPd6VKk_8oiJLfEkWOfAThsUHsbwJyxzAUSuDh_8xX4utkF8fpG7cLx6y_AK2zvENaF0ZIy26UG9MhZwDHE7ORoOkeDAb-7JRrxOqEJz1yA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "CdHuqHx3F82Y8v1peNViOw",
  "sub": "6160017N67",
  "rat": 1669574091,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "ZrOH1STrnl",
  "rt_hash": "HWVJyHu4BPNfaQLvmQdL6Q",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "s_hash": "5Vyr4rcyzUwNlfPgkBP_FA",
  "auth_time": 1669573606,
  "name": "ISV Dev",
  "exp": 1669581295,
  "iat": 1669574095,
  "jti": "64f6abc4-ab79-4c7a-8ab6-82e977c005c3"
}
2022-11-27 18:34:55 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 18:34:55
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 18:34:55
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 18:34:55
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:34:55
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 18:34:55
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-27 18:34:55
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 18:34:55 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 18:34:55 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
ZrOH1STrnl
2022-11-27 18:34:55 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 18:34:55 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDZEh1cUh4M0Y4Mlk4djFwZU5WaU93IiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NSwiaWF0IjoxNjY5NTc0MDk1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI2NGY2YWJjNC1hYjc5LTRjN2EtOGFiNi04MmU5NzdjMDA1YzMiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWnJPSDFTVHJubCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSFdWSnlIdTRCUE5mYVFMdm1RZEw2USIsInNfaGFzaCI6IjVWeXI0cmN5elV3TmxmUGdrQlBfRkEiLCJzdWIiOiI2MTYwMDE3TjY3In0.O20giyfXNW0cVZ8uDR1mPxWkMaPOMcD8MjBiBd3ZrqgSwALKNqeK5-W9vbsVzp_5sao7Pe-0z1hPvkYezJN-EI6rxhKPrFH2wVU1H2wmTpDKMw11PKBycy-FIUPKZJFc_ydsoTR4rRLVd42v-rwx7hMeRWTvaGfgP_3Goga7n1_CgTz0HPdfvO3VwJmRtzpkI0qOL-1syZl0j1b3W4yUF_hBoYf24qvt6WrA7dw5OJLyPd6VKk_8oiJLfEkWOfAThsUHsbwJyxzAUSuDh_8xX4utkF8fpG7cLx6y_AK2zvENaF0ZIy26UG9MhZwDHE7ORoOkeDAb-7JRrxOqEJz1yA
2022-11-27 18:34:55 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJDZEh1cUh4M0Y4Mlk4djFwZU5WaU93IiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NSwiaWF0IjoxNjY5NTc0MDk1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI2NGY2YWJjNC1hYjc5LTRjN2EtOGFiNi04MmU5NzdjMDA1YzMiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWnJPSDFTVHJubCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSFdWSnlIdTRCUE5mYVFMdm1RZEw2USIsInNfaGFzaCI6IjVWeXI0cmN5elV3TmxmUGdrQlBfRkEiLCJzdWIiOiI2MTYwMDE3TjY3In0.O20giyfXNW0cVZ8uDR1mPxWkMaPOMcD8MjBiBd3ZrqgSwALKNqeK5-W9vbsVzp_5sao7Pe-0z1hPvkYezJN-EI6rxhKPrFH2wVU1H2wmTpDKMw11PKBycy-FIUPKZJFc_ydsoTR4rRLVd42v-rwx7hMeRWTvaGfgP_3Goga7n1_CgTz0HPdfvO3VwJmRtzpkI0qOL-1syZl0j1b3W4yUF_hBoYf24qvt6WrA7dw5OJLyPd6VKk_8oiJLfEkWOfAThsUHsbwJyxzAUSuDh_8xX4utkF8fpG7cLx6y_AK2zvENaF0ZIy26UG9MhZwDHE7ORoOkeDAb-7JRrxOqEJz1yA
2022-11-27 18:34:55 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 18:34:55
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 18:34:55 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 18:34:55 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-27 18:34:55 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4
2022-11-27 18:34:55 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-27 18:34:55 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-27 18:34:55 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4
2022-11-27 18:34:55 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4
scope
openid
2022-11-27 18:34:55 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic Y2YzMTY2Y2YtOGI2Ny00NDgzLTkwYmUtNDg3NTViYzg4M2FhOndiOFp3Q1lVejQ=
2022-11-27 18:34:55 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-27 18:34:56 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-27 18:34:56
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic Y2YzMTY2Y2YtOGI2Ny00NDgzLTkwYmUtNDg3NTViYzg4M2FhOndiOFp3Q1lVejQ\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "203"
}
request_body
grant_type=refresh_token&refresh_token=Wfo9R6fEVSa7q_9lX8moa8Q9NOMZJAoEDPTs4FHdxfg.tvhfKsiyus0ytSvk-Y93dquosWBRP3d_RxszwJJe7B28tf66-J5lQFY5uluo3e958hOBaZeVRNZBFFKWhZBGyw.M18xNjY5NTc0MDk1XzE4&scope=openid
2022-11-27 18:34:57 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK3c8b623b-ba75-47bf-960c-7c5439b28acf",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383add010e7a0d9",
  "content-length": "1425",
  "date": "Sun, 27 Nov 2022 18:34:57 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:T3za5ujoEWZbCZGyNCtTjll91M/hgFHVREftC46DI1c\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dE3FDEFDA2570A10FC1FBC0D716D1544F~-1~YAAQJHYGF7OJ44SEAQAArfheugga+aZR8/Cdtk5fu0lPAU7BwMIszkcMkQlHxXN+Sh20mKufQ4s774BKWw/IHgGY7ttquoUYBA9k9XNzLWwWGw3tkSR9osGBTnZPhoClYEXdoseaj3S1ytX11vRLeap3s1crHj2qO8Nlr8S2AUm+OHmeA0rfB5bIVpvaxCb8BZ8Ef7/ePP3+I1UrF9TiOGecQpQdQmmmNyw8GSkmmz0h+w0gk/PrIyKxaxJF3EjdzmqwAZ1QLwfZ/lbP6xei/MJaePX2VM54x1jgyCNEX4OxYEEJE2AWVtOfd8AhbkWnVWWCqBiqf4+eaeN/TbQFyAO+In3rjJ9pPmQQdM2bNMHGef/7+B/B63ZXNjJOwYW/LJvAZ1U\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:57 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA52CF5B9E5E2D5B90154C92A65702A79~YAAQJHYGF7SJ44SEAQAArfheuhESef6F4XLa2R6CpoetjozArhAcrJ1sMxmKAZStDy5MqQACp94FXdEm3rO6AiktxzcQ2KucKUBQcSMzhUa9uoIfxm5Bt7av0rOZqNk07BjU4cv4BEe1SMtJNCDRYyymmaSmmrZ6QQ2JttARn6IDle2B80VNIoVmg1L5kUNHLu3hQlhbGwA9F0Xy90XC9P7LwtybfZ/Mg5DB2O+5A1C5md/MtEmPTaeOQkIisshldY2IZ2354VsY7ajjqUXTnKWiZRnEqYL69MxYsyt1e8J+J/kmqD+O4DQZZAxH~3617331~3552816; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:56 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d104",
    "origin; dur\u003d150"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"-qlKz6lXGfuWQPc3VhNj4RwXABPb1MtrckVwqiWLVyI.VcnirOmVTRSSbRLbd3HGnwdD2Geu6etM3x53fQihcavDJ01vu7fYzPan7k95sqg5FE35VrMtMBhLAoZZ_IjTXw.M18xNjY5NTc0MDk2XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJuWTg0V3BhMmtDaFlfbkhqR0J6MmdBIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NiwiaWF0IjoxNjY5NTc0MDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIwMDU4NzI0Ni04ZDBlLTRhNzEtYmFjZi1hMTRjYWY5Y2NjYWQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSTdnUFduSC1VYXdObER5QUhUNnBPZyIsInN1YiI6IjYxNjAwMTdONjcifQ.hdQ3yZLIJ4vskTspc05IevGcAFzEUsDTuUiNMXJdUgySfp84CGLDdl64Zc3TfKy2fPsH9Zl3lM0iFowRO5l5q2SWZFSUUmlXwH8BoxGkBvbwW3fzZYIhjbQG6Jq6d-F4rPXnXW2Xem3OaUOmSj043thPSJICyNrrjdLFGz8qGeps9dTSh-JotQDwaaFJP6s3XqAFVHWNsBaKUvucxs23jxuMEOykwmBEbb5Dbhc9zaq9iwSzCjFakOq2_mA_q9zN__LF_e8R3glEKOHhwEDi4t7iYnhj4xBTY10K3K6DBozjkdPoautmFMmevX8UaUYBRaUaI9LtyOXAK46vwGeTNQ","refresh_token":"UNKKSogHNpWVJce65K_Oa01_35-jpTOEhADVfGlMTnY.hqpDeYkNV2xoZYviDgUTesHBZUa79pZrOP0nGBNXu3nCxfrINblB6pb5qL526TsGBupd5lrsvBCM1VfQrT6A7Q.M18xNjY5NTc0MDk2XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 18:34:57 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
-qlKz6lXGfuWQPc3VhNj4RwXABPb1MtrckVwqiWLVyI.VcnirOmVTRSSbRLbd3HGnwdD2Geu6etM3x53fQihcavDJ01vu7fYzPan7k95sqg5FE35VrMtMBhLAoZZ_IjTXw.M18xNjY5NTc0MDk2XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJuWTg0V3BhMmtDaFlfbkhqR0J6MmdBIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NiwiaWF0IjoxNjY5NTc0MDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIwMDU4NzI0Ni04ZDBlLTRhNzEtYmFjZi1hMTRjYWY5Y2NjYWQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSTdnUFduSC1VYXdObER5QUhUNnBPZyIsInN1YiI6IjYxNjAwMTdONjcifQ.hdQ3yZLIJ4vskTspc05IevGcAFzEUsDTuUiNMXJdUgySfp84CGLDdl64Zc3TfKy2fPsH9Zl3lM0iFowRO5l5q2SWZFSUUmlXwH8BoxGkBvbwW3fzZYIhjbQG6Jq6d-F4rPXnXW2Xem3OaUOmSj043thPSJICyNrrjdLFGz8qGeps9dTSh-JotQDwaaFJP6s3XqAFVHWNsBaKUvucxs23jxuMEOykwmBEbb5Dbhc9zaq9iwSzCjFakOq2_mA_q9zN__LF_e8R3glEKOHhwEDi4t7iYnhj4xBTY10K3K6DBozjkdPoautmFMmevX8UaUYBRaUaI9LtyOXAK46vwGeTNQ
refresh_token
UNKKSogHNpWVJce65K_Oa01_35-jpTOEhADVfGlMTnY.hqpDeYkNV2xoZYviDgUTesHBZUa79pZrOP0nGBNXu3nCxfrINblB6pb5qL526TsGBupd5lrsvBCM1VfQrT6A7Q.M18xNjY5NTc0MDk2XzE4
scope
openid
token_type
bearer
2022-11-27 18:34:57 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-27 18:34:57 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-27 18:34:57 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-27 18:34:57 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 18:34:57 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
-qlKz6lXGfuWQPc3VhNj4RwXABPb1MtrckVwqiWLVyI.VcnirOmVTRSSbRLbd3HGnwdD2Geu6etM3x53fQihcavDJ01vu7fYzPan7k95sqg5FE35VrMtMBhLAoZZ_IjTXw.M18xNjY5NTc0MDk2XzE4
type
bearer
2022-11-27 18:34:57 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-27 18:34:57 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
874.0528941628535
expected
96.0
value
-qlKz6lXGfuWQPc3VhNj4RwXABPb1MtrckVwqiWLVyI.VcnirOmVTRSSbRLbd3HGnwdD2Geu6etM3x53fQihcavDJ01vu7fYzPan7k95sqg5FE35VrMtMBhLAoZZ_IjTXw.M18xNjY5NTc0MDk2XzE4
2022-11-27 18:34:57 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-27 18:34:57 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-27 18:34:57 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-27 18:34:57 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
AP4C8aw3iFP5CQD66uPKEhidWJml4ln12OODdvjMRc8.XCc9mXpwZMUz4vsXgVfGKEe0L_D0d_BrtYNvcrTtnps7tOem2dBriXWtneVZHNm69E6Np5UABpxgN4V7AWz3rA.M18xNjY5NTc0MDk1XzE4
second_access_token
-qlKz6lXGfuWQPc3VhNj4RwXABPb1MtrckVwqiWLVyI.VcnirOmVTRSSbRLbd3HGnwdD2Geu6etM3x53fQihcavDJ01vu7fYzPan7k95sqg5FE35VrMtMBhLAoZZ_IjTXw.M18xNjY5NTc0MDk2XzE4
2022-11-27 18:34:57 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJuWTg0V3BhMmtDaFlfbkhqR0J6MmdBIiwiYXVkIjpbImNmMzE2NmNmLThiNjctNDQ4My05MGJlLTQ4NzU1YmM4ODNhYSJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTI5NiwiaWF0IjoxNjY5NTc0MDk2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIwMDU4NzI0Ni04ZDBlLTRhNzEtYmFjZi1hMTRjYWY5Y2NjYWQiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MDkxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiSTdnUFduSC1VYXdObER5QUhUNnBPZyIsInN1YiI6IjYxNjAwMTdONjcifQ.hdQ3yZLIJ4vskTspc05IevGcAFzEUsDTuUiNMXJdUgySfp84CGLDdl64Zc3TfKy2fPsH9Zl3lM0iFowRO5l5q2SWZFSUUmlXwH8BoxGkBvbwW3fzZYIhjbQG6Jq6d-F4rPXnXW2Xem3OaUOmSj043thPSJICyNrrjdLFGz8qGeps9dTSh-JotQDwaaFJP6s3XqAFVHWNsBaKUvucxs23jxuMEOykwmBEbb5Dbhc9zaq9iwSzCjFakOq2_mA_q9zN__LF_e8R3glEKOHhwEDi4t7iYnhj4xBTY10K3K6DBozjkdPoautmFMmevX8UaUYBRaUaI9LtyOXAK46vwGeTNQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "nY84Wpa2kChY_nHjGBz2gA",
  "sub": "6160017N67",
  "rat": 1669574091,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "I7gPWnH-UawNlDyAHT6pOg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "auth_time": 1669573606,
  "name": "ISV Dev",
  "exp": 1669581296,
  "iat": 1669574096,
  "jti": "00587246-8d0e-4a71-bacf-a14caf9cccad"
}
2022-11-27 18:34:57 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
UNKKSogHNpWVJce65K_Oa01_35-jpTOEhADVfGlMTnY.hqpDeYkNV2xoZYviDgUTesHBZUa79pZrOP0nGBNXu3nCxfrINblB6pb5qL526TsGBupd5lrsvBCM1VfQrT6A7Q.M18xNjY5NTc0MDk2XzE4
2022-11-27 18:34:57 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-27 18:34:57 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
858.6402406659774
expected
96.0
value
UNKKSogHNpWVJce65K_Oa01_35-jpTOEhADVfGlMTnY.hqpDeYkNV2xoZYviDgUTesHBZUa79pZrOP0nGBNXu3nCxfrINblB6pb5qL526TsGBupd5lrsvBCM1VfQrT6A7Q.M18xNjY5NTc0MDk2XzE4
2022-11-27 18:34:57 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669574095,
  "second": 1669574096,
  "note": "Values are expected to be different"
}
aud
{
  "first": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "second": "cf3166cf-8b67-4483-90be-48755bc883aa",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669573606,
  "second": 1669573606,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-27 18:34:57
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer -qlKz6lXGfuWQPc3VhNj4RwXABPb1MtrckVwqiWLVyI.VcnirOmVTRSSbRLbd3HGnwdD2Geu6etM3x53fQihcavDJ01vu7fYzPan7k95sqg5FE35VrMtMBhLAoZZ_IjTXw.M18xNjY5NTc0MDk2XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:34:57 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa58626a9-5015-4324-a22a-fde695f0a28c",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383add1206b54c5",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:34:57 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:OjRanMF8Pn99UA34jMtuolvigojrCwVU11DeoiCDErw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d232989D1F7E38458F2413A2566AE2234~-1~YAAQJHYGF8CJ44SEAQAAMvpeugilnQVmhiEOIib5KekJMlQMm3AM1t36PntySsDcqamEDE8Gx+Eb9bfUtjfcYsLcBOk/OR6JSQ5VJG2OOnTXpbGkbOJmFu42RB+wztdyTqjv/YiG9sg2rTii7e9VmfmQUEaFIUeWWz6HGLnkUaBuv30AmtjNjpV+LhB/MbgbKgdcKFUlBhiCRvrdAON1LTKK9vFJMQC8E8XOq7k8To1k96wGS3eWAbmX2Xl/a6oCNnJBtyDlvL20aVoTyQtymTucmG4Mt9UWVrWzeV9AdocL/2g12i/qmp4qGlcl97gK1vIIGRk1phwq72EOyndLZpgZRM0S2zTmfpNOWO/G4szVJ4OgEd1SblB/UuU/NH5VdCF5smc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:57 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d86D0B52DFA9373F3C310E895E28E476B~YAAQJHYGF8GJ44SEAQAAMvpeuhHeRPJQT6enhSbT7htEClKVYmcIVdf4t6uAxy38t2er3Y/M8IuXnnUma0tSk4O3fEqJ/gFjXdfvCkmcpnrQ+8gjxOTcugd5o5PREt4xpyP7PgiK7ygJJ4KqsIpXs1BGgGSePArvCl24PdMrQah9wusEIDM9PZglgHwaYdFYBbPjGaxuxNT8IXUkgQHI9zq35Zyoreqs19t2jWMMaa7/9bhBb33lg8B1gGKTvnKAYfiX62NOnva2eNj9DANbctkv2X615TICf2qT92qdAElrUnBXeoI95Jaw4OSO~4272449~3420983; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:57 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d193",
    "origin; dur\u003d108"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["cf3166cf-8b67-4483-90be-48755bc883aa"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574091,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:34:57 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa58626a9-5015-4324-a22a-fde695f0a28c",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383add1206b54c5",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:34:57 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:OjRanMF8Pn99UA34jMtuolvigojrCwVU11DeoiCDErw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d232989D1F7E38458F2413A2566AE2234~-1~YAAQJHYGF8CJ44SEAQAAMvpeugilnQVmhiEOIib5KekJMlQMm3AM1t36PntySsDcqamEDE8Gx+Eb9bfUtjfcYsLcBOk/OR6JSQ5VJG2OOnTXpbGkbOJmFu42RB+wztdyTqjv/YiG9sg2rTii7e9VmfmQUEaFIUeWWz6HGLnkUaBuv30AmtjNjpV+LhB/MbgbKgdcKFUlBhiCRvrdAON1LTKK9vFJMQC8E8XOq7k8To1k96wGS3eWAbmX2Xl/a6oCNnJBtyDlvL20aVoTyQtymTucmG4Mt9UWVrWzeV9AdocL/2g12i/qmp4qGlcl97gK1vIIGRk1phwq72EOyndLZpgZRM0S2zTmfpNOWO/G4szVJ4OgEd1SblB/UuU/NH5VdCF5smc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:34:57 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d86D0B52DFA9373F3C310E895E28E476B~YAAQJHYGF8GJ44SEAQAAMvpeuhHeRPJQT6enhSbT7htEClKVYmcIVdf4t6uAxy38t2er3Y/M8IuXnnUma0tSk4O3fEqJ/gFjXdfvCkmcpnrQ+8gjxOTcugd5o5PREt4xpyP7PgiK7ygJJ4KqsIpXs1BGgGSePArvCl24PdMrQah9wusEIDM9PZglgHwaYdFYBbPjGaxuxNT8IXUkgQHI9zq35Zyoreqs19t2jWMMaa7/9bhBb33lg8B1gGKTvnKAYfiX62NOnva2eNj9DANbctkv2X615TICf2qT92qdAElrUnBXeoI95Jaw4OSO~4272449~3420983; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:34:57 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d193",
    "origin; dur\u003d108"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["cf3166cf-8b67-4483-90be-48755bc883aa"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574091,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:34:57 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-11-27 18:34:57 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
eb9f83a7-9bdf-4c2b-8214-e39a9424016b
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-27 18:34:57
CreateRandomStateValue
Created state value
requested_state_length
10
state
9Luh5JXQ7m
2022-11-27 18:34:57 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
eb9f83a7-9bdf-4c2b-8214-e39a9424016b
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
9Luh5JXQ7m
2022-11-27 18:34:57
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
dS5heHUrvp
2022-11-27 18:34:57 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
eb9f83a7-9bdf-4c2b-8214-e39a9424016b
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
9Luh5JXQ7m
nonce
dS5heHUrvp
2022-11-27 18:34:57 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
eb9f83a7-9bdf-4c2b-8214-e39a9424016b
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
9Luh5JXQ7m
nonce
dS5heHUrvp
response_type
code id_token token
2022-11-27 18:34:57 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Not adding prompt=consent as the scope in the configuration does not contain offline_access
2022-11-27 18:34:57 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "9Luh5JXQ7m",
  "nonce": "dS5heHUrvp",
  "response_type": "code id_token token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=eb9f83a7-9bdf-4c2b-8214-e39a9424016b&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=9Luh5JXQ7m&nonce=dS5heHUrvp&response_type=code%20id_token%20token
2022-11-27 18:34:57 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=eb9f83a7-9bdf-4c2b-8214-e39a9424016b&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=9Luh5JXQ7m&nonce=dS5heHUrvp&response_type=code%20id_token%20token
2022-11-27 18:35:04 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 18:35:04 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/E94JNuaUYrfEvrbTJ89d",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/E94JNuaUYrfEvrbTJ89d"
}
2022-11-27 18:35:04 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance h5RcmlX92Fa2SOe
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/E94JNuaUYrfEvrbTJ89d, returnUrl=/log-detail.html?log=h5RcmlX92Fa2SOe}]
outgoing_path
callback
2022-11-27 18:35:04 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/E94JNuaUYrfEvrbTJ89d
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close",
  "content-length": "1537"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/E94JNuaUYrfEvrbTJ89d
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=c7SKAYkxRomrLSbXbO5j621pFIZIO1_xYrHy-tTpMuw.7-rEp2ZJX56G3OLCyZkOOyMGgad3bGDZOiMY6jrBh42eO6Tcl6sLd5oUA2LC1ppByfxfdVSCvJYIKwRKnIubIw.M18xNjY5NTc0MTAzXzE4&code=fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ&expires_in=7200&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid&state=9Luh5JXQ7m&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 18:35:04 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance h5RcmlX92Fa2SOe
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/E94JNuaUYrfEvrbTJ89d
2022-11-27 18:35:04
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "c7SKAYkxRomrLSbXbO5j621pFIZIO1_xYrHy-tTpMuw.7-rEp2ZJX56G3OLCyZkOOyMGgad3bGDZOiMY6jrBh42eO6Tcl6sLd5oUA2LC1ppByfxfdVSCvJYIKwRKnIubIw.M18xNjY5NTc0MTAzXzE4"
  },
  {
    "name": "code",
    "value": "fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ"
  },
  {
    "name": "expires_in",
    "value": "7200"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid"
  },
  {
    "name": "state",
    "value": "9Luh5JXQ7m"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-27 18:35:04 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
c7SKAYkxRomrLSbXbO5j621pFIZIO1_xYrHy-tTpMuw.7-rEp2ZJX56G3OLCyZkOOyMGgad3bGDZOiMY6jrBh42eO6Tcl6sLd5oUA2LC1ppByfxfdVSCvJYIKwRKnIubIw.M18xNjY5NTc0MTAzXzE4
code
fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid
state
9Luh5JXQ7m
token_type
bearer
2022-11-27 18:35:04 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "c7SKAYkxRomrLSbXbO5j621pFIZIO1_xYrHy-tTpMuw.7-rEp2ZJX56G3OLCyZkOOyMGgad3bGDZOiMY6jrBh42eO6Tcl6sLd5oUA2LC1ppByfxfdVSCvJYIKwRKnIubIw.M18xNjY5NTc0MTAzXzE4",
  "code": "fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ",
  "expires_in": "7200",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid",
  "state": "9Luh5JXQ7m",
  "token_type": "bearer"
}
post_body
Second client: Verify authorization endpoint response
2022-11-27 18:35:04 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-27 18:35:04 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-27 18:35:04 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-27 18:35:04 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-27 18:35:04 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-27 18:35:04 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
9Luh5JXQ7m
2022-11-27 18:35:04 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ
2022-11-27 18:35:04 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
c7SKAYkxRomrLSbXbO5j621pFIZIO1_xYrHy-tTpMuw.7-rEp2ZJX56G3OLCyZkOOyMGgad3bGDZOiMY6jrBh42eO6Tcl6sLd5oUA2LC1ppByfxfdVSCvJYIKwRKnIubIw.M18xNjY5NTc0MTAzXzE4
type
bearer
2022-11-27 18:35:04 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "qWW58k6P3hFNL_iN9CLdQA",
  "sub": "6160017N67",
  "rat": 1669574101,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "dS5heHUrvp",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "c_hash": "qTW4DLQUdAux00Xn5b41JA",
  "s_hash": "-Ka3WTLECYnU5fTuYJbPgg",
  "auth_time": 1669573606,
  "name": "ISV Dev",
  "exp": 1669581303,
  "iat": 1669574103,
  "jti": "d042881e-c6d8-476b-9081-6c4f23afcc49"
}
2022-11-27 18:35:04 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 18:35:04
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 18:35:04
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 18:35:04
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:35:04
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 18:35:04
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 18:35:04 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 18:35:04 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
dS5heHUrvp
2022-11-27 18:35:04 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 18:35:04 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ
2022-11-27 18:35:04 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJxV1c1OGs2UDNoRk5MX2lOOUNMZFFBIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImNfaGFzaCI6InFUVzRETFFVZEF1eDAwWG41YjQxSkEiLCJleHAiOjE2Njk1ODEzMDMsImlhdCI6MTY2OTU3NDEwMywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZDA0Mjg4MWUtYzZkOC00NzZiLTkwODEtNmM0ZjIzYWZjYzQ5IiwibmFtZSI6IklTViBEZXYiLCJub25jZSI6ImRTNWhlSFVydnAiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInJhdCI6MTY2OTU3NDEwMSwicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiLUthM1dUTEVDWW5VNWZUdVlKYlBnZyIsInN1YiI6IjYxNjAwMTdONjcifQ.jIz9oUydPgKMC0tvQoUu4kJ18DCq_xxqJOR-Tmi99LTlZQFeFgJRFZpnWcg_okdLrnl90RBzWSH4E19y9tpVGR-KsMNx4XnBOkIJaJmvoMlgKD8NSKHyXwb8TXFfh4N5dbCbM8kGgTU9069Ds7yR3C8PjdjIEy3VOoA31B_Aa4luXwnmmEJ0sH9VZMVL4_6gPOg4B_YEL8HLSkKo_0voolPMQZ1ACG6ttze6SpFnCGn5hZzbo0K5aa6ITzDnrXVzNnCt0NPGAmq6oX7x2vAFfVFzmPAosJJ6ThJ1uVUPMo6IcZx-iRII_Nkm1OP0BMo2K4tL1ZeiKXyuMD0UsRVFRQ
2022-11-27 18:35:04 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 18:35:04
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 18:35:04 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Second client: Userinfo endpoint tests
2022-11-27 18:35:04
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer c7SKAYkxRomrLSbXbO5j621pFIZIO1_xYrHy-tTpMuw.7-rEp2ZJX56G3OLCyZkOOyMGgad3bGDZOiMY6jrBh42eO6Tcl6sLd5oUA2LC1ppByfxfdVSCvJYIKwRKnIubIw.M18xNjY5NTc0MTAzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:35:05 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK8e7d73e7-2959-4426-b102-a3a17494d512",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383add83551de21",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:35:05 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:vSxVGidsRUYjqOS+czWQWONu777SUI0loySnuVF/RWs\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4D9B4EF4353DB550BDC51D01F1F39434~-1~YAAQJHYGF2aK44SEAQAA0xdfugghTKlp3YxsUq2niPeOaGk9Azv8nDaqPKDE8L6FKe1kGk/lPuMcBGYkm7bV977jTC4J+U5Ait1SXtPXe3pr1E93OcJ26G4guJX5vg57jWF9l70ZwBp4nX8qPPV8hf8vsKAvMiuzUgLmPDtGk8waENc1/mIXl4bM3vZmVrP10Agzq6cxe6ZL1k33FQIAg7lr7vWqOUlbESY5I6s+dKeaIeYu8j79GU3l3nHoQnPBk0o3guo35fKvKOdBVhulzqurm9AaZ4QoNCjog57mXPIqUD57YdDErXDADrN+VfazbaAl/0wt6wVOnvb1qwzFHmexuaGtB4OFlycOr76jwSVEBk0uN8Zn3lqTlVumWZFr7xOCYy8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:05 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d679BBC50CFDB56CAFE92B52E9CBC7D32~YAAQJHYGF2eK44SEAQAA0xdfuhFZCgSg3fSyKJjgWm/HQFtLSQ0kVsG1Brf4mES0svKsXNMVsHvvJL0UQ5DLFNrFvvkAchL8y2pwWQQ0TuZrp7rRsqvKqc0uGaHxdHy4CYxKpzx+akZh1OtsFc8eGy/3gZN/K/mFdRw4Hh6NMHik3oaQgWuqN191uviPL1yQ7d9wnEdAMQTiX/ELjJlxQE231fssEjlZfWgFjivfc25SHMUFYJZvvabmSRvqarroTe178/T8HJf4aZQc9h9VMAB8KKw5v+z0V8piKZzcMJlTT/Z4oLWibwe5PkGy~3753281~3420727; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:04 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d129"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["eb9f83a7-9bdf-4c2b-8214-e39a9424016b"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574101,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:35:05 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK8e7d73e7-2959-4426-b102-a3a17494d512",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383add83551de21",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:35:05 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:vSxVGidsRUYjqOS+czWQWONu777SUI0loySnuVF/RWs\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4D9B4EF4353DB550BDC51D01F1F39434~-1~YAAQJHYGF2aK44SEAQAA0xdfugghTKlp3YxsUq2niPeOaGk9Azv8nDaqPKDE8L6FKe1kGk/lPuMcBGYkm7bV977jTC4J+U5Ait1SXtPXe3pr1E93OcJ26G4guJX5vg57jWF9l70ZwBp4nX8qPPV8hf8vsKAvMiuzUgLmPDtGk8waENc1/mIXl4bM3vZmVrP10Agzq6cxe6ZL1k33FQIAg7lr7vWqOUlbESY5I6s+dKeaIeYu8j79GU3l3nHoQnPBk0o3guo35fKvKOdBVhulzqurm9AaZ4QoNCjog57mXPIqUD57YdDErXDADrN+VfazbaAl/0wt6wVOnvb1qwzFHmexuaGtB4OFlycOr76jwSVEBk0uN8Zn3lqTlVumWZFr7xOCYy8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:05 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d679BBC50CFDB56CAFE92B52E9CBC7D32~YAAQJHYGF2eK44SEAQAA0xdfuhFZCgSg3fSyKJjgWm/HQFtLSQ0kVsG1Brf4mES0svKsXNMVsHvvJL0UQ5DLFNrFvvkAchL8y2pwWQQ0TuZrp7rRsqvKqc0uGaHxdHy4CYxKpzx+akZh1OtsFc8eGy/3gZN/K/mFdRw4Hh6NMHik3oaQgWuqN191uviPL1yQ7d9wnEdAMQTiX/ELjJlxQE231fssEjlZfWgFjivfc25SHMUFYJZvvabmSRvqarroTe178/T8HJf4aZQc9h9VMAB8KKw5v+z0V8piKZzcMJlTT/Z4oLWibwe5PkGy~3753281~3420727; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:04 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d129"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["eb9f83a7-9bdf-4c2b-8214-e39a9424016b"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574101,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:35:05 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 18:35:05 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 18:35:05 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic ZWI5ZjgzYTctOWJkZi00YzJiLTgyMTQtZTM5YTk0MjQwMTZiOlFqa0dCem55cUU=
2022-11-27 18:35:05
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic ZWI5ZjgzYTctOWJkZi00YzJiLTgyMTQtZTM5YTk0MjQwMTZiOlFqa0dCem55cUU\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=fdmwAAyiGvIU5wqtRMCA_3RjjTrIcLk33gBZiCM5q2M.Wxl4P05pv1ekFnNruNwVZyLJuE35h7i0nWKkrg_OiRY7PnIvtFiZ_xpBh3SzXGJ_0VBmPjZfyRCs7Hi1w4pVrQ&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-27 18:35:05 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK82e5703e-e8cb-4d18-b64e-0629112e940f",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383add93551dc01",
  "content-length": "1498",
  "date": "Sun, 27 Nov 2022 18:35:05 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:xTDIlpGo8SsHGzY1qsDlFUxSEZIgl57cWv64/0IR144\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB6E4F82F9A8323B430748410A8FDF475~-1~YAAQJHYGF2yK44SEAQAAKRlfughxtr80boAz6FBh6CaRsWATLH0/9PNqHZGP6cSwYkmzjivl94huHkKdDtgMtOvAqxHbJKWu01iBijyhMwFNQ37LiejW/gzAqHI2ctsGaLa60DYGJjx3bulJvj+eNB2vMqKapj9/XHB7jFq6qDUj2uCR40xRdMMwlyOO7yRHyisYt+kJHFtvJgYRyDtNUAQ+M/DiCnnWYHUT/vsaJKKUdxTIta1r7zX6XWUpkUGj7NPKL5bJOL/uAOL1sr3uvBri3grPX+mcIBxpnHAqj8QLHf1Jc/ubgGX9R9F4FAN9KuzTRmQYcAVxB7TDUdQGX2WwixwGeksj58c9pd5YPP6uxbWTsiWqVtP8hGW7GwwSR3rVDQY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:05 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d4F2B281112C74B85678F04A626034C16~YAAQJHYGF22K44SEAQAAKRlfuhGsePlnBfT7PF+l/6FdzVd7MJJW9YhkRJRpaBRGBMR2/C5nJcQQRCY+bsqLsFpCfY4d1b7VQWmJcVUPWZGfdGKxoLZPsSefHFWUjBZuuIRrk5bOgdncOyI6NmdORrAj2+UbrpqLNkSY2brIdkhlUybqfv79submiYere9Pmht575nirKqkj6MSfy36RT3Kmqad7qD/KRQ8Bpvp+c0mvNaVJ8aJCFra7WW9Sd0TW+hSpqRIhocwPnlwG3S9UdJ1rYN9uaNK/femmgM/Lf7GcmLkgXK+BKHqpOgxs~4469303~3684420; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:05 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d98",
    "origin; dur\u003d173"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"af4zckAhX6VWh11CnfVMg5iq-5VqbJJqDgIC1nI35X4.lU5ZcGuyyQW0VGIGt9VKcXZPo0D-VPmYLp2311agCeqgDXNfDhcYNqA4vdk1MpukshgsqWu8ZbYsFys8VW1u7A.M18xNjY5NTc0MTA1XzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJjS25OVDd6WjZQR0V6SGlqRGc2U1lRIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNSwiaWF0IjoxNjY5NTc0MTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxNGRlZjE4Mi1lYmQwLTQ1OGItYjVjMi0yODljNjNmZmQzOGIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZFM1aGVIVXJ2cCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoib3p1S1dQSzNUY282b28xMU05YzZsdyIsInNfaGFzaCI6Ii1LYTNXVExFQ1luVTVmVHVZSmJQZ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.AEUynIVJDCgsXcaKMCIulFCh-EOPm9d7dk_AGlXU7smg9pcdYZyhuU3JikybEZdNw1Hme7X_KB8_tNlTchB4QPINlKtXWAoR8A_xDyNqlKpZXPCttFLFsudPNyYCSedjhEWMTa2rMNjZXeXzuMla6MW10KhmWXHz44sgd1rATgVCMuW-gjREwm9odeenvggqyCzAfEeNB8VJN5UMIPGtoVrNRyldBUtCTg52tjjFSNJIPFi2iWs6AyJOj_WJa5coXYDB_AFUOQL3lEwRGuAcJZaS3a1B5HLX9Fzsqkq1mbiXF24qDKyJv1cvrcmMz_OkYqyTcUHqU3BsGi_NiWgjoQ","refresh_token":"KpfG4Knv9eSirKRhkttg-lfaBS3ue-3Bem82UwgSFvo.Z3KUOl42Fuqvf9FHIMOeL7GLJBUCW5Yf_CprONEo0VajaUto80cA3XvGYGtpLJ4cdk6YurErMI6QKKMRUDa_kw.M18xNjY5NTc0MTA1XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 18:35:05 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
af4zckAhX6VWh11CnfVMg5iq-5VqbJJqDgIC1nI35X4.lU5ZcGuyyQW0VGIGt9VKcXZPo0D-VPmYLp2311agCeqgDXNfDhcYNqA4vdk1MpukshgsqWu8ZbYsFys8VW1u7A.M18xNjY5NTc0MTA1XzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJjS25OVDd6WjZQR0V6SGlqRGc2U1lRIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNSwiaWF0IjoxNjY5NTc0MTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxNGRlZjE4Mi1lYmQwLTQ1OGItYjVjMi0yODljNjNmZmQzOGIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZFM1aGVIVXJ2cCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoib3p1S1dQSzNUY282b28xMU05YzZsdyIsInNfaGFzaCI6Ii1LYTNXVExFQ1luVTVmVHVZSmJQZ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.AEUynIVJDCgsXcaKMCIulFCh-EOPm9d7dk_AGlXU7smg9pcdYZyhuU3JikybEZdNw1Hme7X_KB8_tNlTchB4QPINlKtXWAoR8A_xDyNqlKpZXPCttFLFsudPNyYCSedjhEWMTa2rMNjZXeXzuMla6MW10KhmWXHz44sgd1rATgVCMuW-gjREwm9odeenvggqyCzAfEeNB8VJN5UMIPGtoVrNRyldBUtCTg52tjjFSNJIPFi2iWs6AyJOj_WJa5coXYDB_AFUOQL3lEwRGuAcJZaS3a1B5HLX9Fzsqkq1mbiXF24qDKyJv1cvrcmMz_OkYqyTcUHqU3BsGi_NiWgjoQ
refresh_token
KpfG4Knv9eSirKRhkttg-lfaBS3ue-3Bem82UwgSFvo.Z3KUOl42Fuqvf9FHIMOeL7GLJBUCW5Yf_CprONEo0VajaUto80cA3XvGYGtpLJ4cdk6YurErMI6QKKMRUDa_kw.M18xNjY5NTc0MTA1XzE4
scope
openid
token_type
bearer
2022-11-27 18:35:05 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 18:35:05 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
af4zckAhX6VWh11CnfVMg5iq-5VqbJJqDgIC1nI35X4.lU5ZcGuyyQW0VGIGt9VKcXZPo0D-VPmYLp2311agCeqgDXNfDhcYNqA4vdk1MpukshgsqWu8ZbYsFys8VW1u7A.M18xNjY5NTc0MTA1XzE4
2022-11-27 18:35:05 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
af4zckAhX6VWh11CnfVMg5iq-5VqbJJqDgIC1nI35X4.lU5ZcGuyyQW0VGIGt9VKcXZPo0D-VPmYLp2311agCeqgDXNfDhcYNqA4vdk1MpukshgsqWu8ZbYsFys8VW1u7A.M18xNjY5NTc0MTA1XzE4
type
bearer
2022-11-27 18:35:05 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-27 18:35:05 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-27 18:35:05 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
KpfG4Knv9eSirKRhkttg-lfaBS3ue-3Bem82UwgSFvo.Z3KUOl42Fuqvf9FHIMOeL7GLJBUCW5Yf_CprONEo0VajaUto80cA3XvGYGtpLJ4cdk6YurErMI6QKKMRUDa_kw.M18xNjY5NTc0MTA1XzE4
2022-11-27 18:35:05 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJjS25OVDd6WjZQR0V6SGlqRGc2U1lRIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNSwiaWF0IjoxNjY5NTc0MTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxNGRlZjE4Mi1lYmQwLTQ1OGItYjVjMi0yODljNjNmZmQzOGIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZFM1aGVIVXJ2cCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoib3p1S1dQSzNUY282b28xMU05YzZsdyIsInNfaGFzaCI6Ii1LYTNXVExFQ1luVTVmVHVZSmJQZ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.AEUynIVJDCgsXcaKMCIulFCh-EOPm9d7dk_AGlXU7smg9pcdYZyhuU3JikybEZdNw1Hme7X_KB8_tNlTchB4QPINlKtXWAoR8A_xDyNqlKpZXPCttFLFsudPNyYCSedjhEWMTa2rMNjZXeXzuMla6MW10KhmWXHz44sgd1rATgVCMuW-gjREwm9odeenvggqyCzAfEeNB8VJN5UMIPGtoVrNRyldBUtCTg52tjjFSNJIPFi2iWs6AyJOj_WJa5coXYDB_AFUOQL3lEwRGuAcJZaS3a1B5HLX9Fzsqkq1mbiXF24qDKyJv1cvrcmMz_OkYqyTcUHqU3BsGi_NiWgjoQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "cKnNT7zZ6PGEzHijDg6SYQ",
  "sub": "6160017N67",
  "rat": 1669574101,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "dS5heHUrvp",
  "rt_hash": "ozuKWPK3Tco6oo11M9c6lw",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "s_hash": "-Ka3WTLECYnU5fTuYJbPgg",
  "auth_time": 1669573606,
  "name": "ISV Dev",
  "exp": 1669581305,
  "iat": 1669574105,
  "jti": "14def182-ebd0-458b-b5c2-289c63ffd38b"
}
2022-11-27 18:35:05 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 18:35:05
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 18:35:05
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 18:35:05
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:35:05
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 18:35:05
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-27 18:35:05
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 18:35:05 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 18:35:05 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
dS5heHUrvp
2022-11-27 18:35:05 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 18:35:05 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJjS25OVDd6WjZQR0V6SGlqRGc2U1lRIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNSwiaWF0IjoxNjY5NTc0MTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxNGRlZjE4Mi1lYmQwLTQ1OGItYjVjMi0yODljNjNmZmQzOGIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZFM1aGVIVXJ2cCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoib3p1S1dQSzNUY282b28xMU05YzZsdyIsInNfaGFzaCI6Ii1LYTNXVExFQ1luVTVmVHVZSmJQZ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.AEUynIVJDCgsXcaKMCIulFCh-EOPm9d7dk_AGlXU7smg9pcdYZyhuU3JikybEZdNw1Hme7X_KB8_tNlTchB4QPINlKtXWAoR8A_xDyNqlKpZXPCttFLFsudPNyYCSedjhEWMTa2rMNjZXeXzuMla6MW10KhmWXHz44sgd1rATgVCMuW-gjREwm9odeenvggqyCzAfEeNB8VJN5UMIPGtoVrNRyldBUtCTg52tjjFSNJIPFi2iWs6AyJOj_WJa5coXYDB_AFUOQL3lEwRGuAcJZaS3a1B5HLX9Fzsqkq1mbiXF24qDKyJv1cvrcmMz_OkYqyTcUHqU3BsGi_NiWgjoQ
2022-11-27 18:35:05 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJjS25OVDd6WjZQR0V6SGlqRGc2U1lRIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNSwiaWF0IjoxNjY5NTc0MTA1LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIxNGRlZjE4Mi1lYmQwLTQ1OGItYjVjMi0yODljNjNmZmQzOGIiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiZFM1aGVIVXJ2cCIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoib3p1S1dQSzNUY282b28xMU05YzZsdyIsInNfaGFzaCI6Ii1LYTNXVExFQ1luVTVmVHVZSmJQZ2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.AEUynIVJDCgsXcaKMCIulFCh-EOPm9d7dk_AGlXU7smg9pcdYZyhuU3JikybEZdNw1Hme7X_KB8_tNlTchB4QPINlKtXWAoR8A_xDyNqlKpZXPCttFLFsudPNyYCSedjhEWMTa2rMNjZXeXzuMla6MW10KhmWXHz44sgd1rATgVCMuW-gjREwm9odeenvggqyCzAfEeNB8VJN5UMIPGtoVrNRyldBUtCTg52tjjFSNJIPFi2iWs6AyJOj_WJa5coXYDB_AFUOQL3lEwRGuAcJZaS3a1B5HLX9Fzsqkq1mbiXF24qDKyJv1cvrcmMz_OkYqyTcUHqU3BsGi_NiWgjoQ
2022-11-27 18:35:05 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 18:35:05
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 18:35:05 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 18:35:05 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
2022-11-27 18:35:05 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
KpfG4Knv9eSirKRhkttg-lfaBS3ue-3Bem82UwgSFvo.Z3KUOl42Fuqvf9FHIMOeL7GLJBUCW5Yf_CprONEo0VajaUto80cA3XvGYGtpLJ4cdk6YurErMI6QKKMRUDa_kw.M18xNjY5NTc0MTA1XzE4
2022-11-27 18:35:05 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-27 18:35:05 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-11-27 18:35:05 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
KpfG4Knv9eSirKRhkttg-lfaBS3ue-3Bem82UwgSFvo.Z3KUOl42Fuqvf9FHIMOeL7GLJBUCW5Yf_CprONEo0VajaUto80cA3XvGYGtpLJ4cdk6YurErMI6QKKMRUDa_kw.M18xNjY5NTc0MTA1XzE4
2022-11-27 18:35:05 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic ZWI5ZjgzYTctOWJkZi00YzJiLTgyMTQtZTM5YTk0MjQwMTZiOlFqa0dCem55cUU=
2022-11-27 18:35:05 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-27 18:35:06 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-27 18:35:06
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic ZWI5ZjgzYTctOWJkZi00YzJiLTgyMTQtZTM5YTk0MjQwMTZiOlFqa0dCem55cUU\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "190"
}
request_body
grant_type=refresh_token&refresh_token=KpfG4Knv9eSirKRhkttg-lfaBS3ue-3Bem82UwgSFvo.Z3KUOl42Fuqvf9FHIMOeL7GLJBUCW5Yf_CprONEo0VajaUto80cA3XvGYGtpLJ4cdk6YurErMI6QKKMRUDa_kw.M18xNjY5NTc0MTA1XzE4
2022-11-27 18:35:06 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK20a6f64b-490f-478e-ab5f-71218a13e6ce",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383adda3551e2e1",
  "content-length": "1425",
  "date": "Sun, 27 Nov 2022 18:35:06 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:m+on6auftLaRw2NTT6KJ7qsBJNwH2ShxwYmLyxQePME\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9277A775728A9B52AFD8429455B8E823~-1~YAAQJHYGF5WK44SEAQAAix5fughoNGNpMCQmSQzaY/6lB+tnlpPdQMHN15ZbKY5Xqudc+gnO7P63w067snfHVIr1GybvAlsV65wOz4OJXHVE90+rAxU3NcV1lmJMn24OQrkRqAYhvSFZlD0fltrB3Ai7w+hLGFqTq/WhZvyIvsZS5HPTq427ed98meHK07xFZK4N+/HI+xh+Kt/BomEseEcFOOkn43/atrrT5zuFICBptBxEOhy7lMpk+exRz14pkqIxxSfjf+HyguC66814AVGKdIT0103hLSglict5dZfjk1+Ljk3Lk5nejOgyOR5VMFx6wZXqc1+tf/HXM4Qpjes5hHf4qmW2TDvF9mhVO3kA23Bhcys3SxdW7laBOjMT5SXZiGU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:06 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d2A00FDD5B9B64238E0447F1269D08B9F~YAAQJHYGF5aK44SEAQAAix5fuhFiCrKgl6AOUeALwvOz3khwNy5SInheHmA6l6eJh0IuTtv0BF8K+nNtOJzpvKjBr/GLtvmY5ukJcxlDhxDBTwVPTTcYRJP5GlCb4QxHfcjM87jAPwaPCnidYtp05b45+YOwCLntrrLsoJUS4UUp6ph+2zFWzlSqY2SY1BcY/NoLIeeNNg5Ucvh45mx5NuO8bmhfdyC63aQCH7z5oy6E54z5uMvD8xuEZ8ZE5a6ANv5oNT/1AJKfuvFR1y4gZQU7A+uujkE7CiFcbQH0GUFEpUbhu0yZieE/BFdc~3618870~4536131; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:06 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d109",
    "origin; dur\u003d150"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"rOFgkIOYtG3E_KK3KDlCupRUnXy5wSxAhqd4zjkhIw4.12xO3bIbufEkPooj-r5P8dgaykfZfyuUz9N1c2oHnXR_CNTXcCSgre-11F_XHJLHMQbNWrH1XV1-_C1Z9ok9TA.M18xNjY5NTc0MTA2XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI2eG9nZ2JWTjZDMXpBa2xTTVRoS3lnIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNiwiaWF0IjoxNjY5NTc0MTA2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIwNDZkZDdhNy1hYWY4LTRkMjQtYmVkYy04OGE2ZThiZDI1NGYiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieGxzbWh0SWxBQ1pYQXhHWU9zZUxQdyIsInN1YiI6IjYxNjAwMTdONjcifQ.OzwggH4FtOLN6Tbh_wFXhn6JhUWQFN8FKIf6Om0DnSr7JQa105iWal6azGlesXW8P_FBEsy4FcsdrCtGQbC6JiOU0EEaqPBo-J-dQro7zbkobEHIDhXl8Afao1-s5yYWBXL1BvAbOQxkfmbWWUX2Qdgcb8MxX1zam4E0oYwmyApDmWVfaI3U_mb5Z1oIWX11CSgsAT-3wNTc48pzwhnEslggH6TOggbmiSciP90tuLltm0J60icauKlERbebv78eQJNK9vJDJ1ncRkfALMf-qyBYzB7F5vz7VCNtJhNQRElOqiH0sCplCShMC49ON3iivq-OtYWlGY8YoXe4WODQVA","refresh_token":"PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4","scope":"openid","token_type":"bearer"}
2022-11-27 18:35:06 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
rOFgkIOYtG3E_KK3KDlCupRUnXy5wSxAhqd4zjkhIw4.12xO3bIbufEkPooj-r5P8dgaykfZfyuUz9N1c2oHnXR_CNTXcCSgre-11F_XHJLHMQbNWrH1XV1-_C1Z9ok9TA.M18xNjY5NTc0MTA2XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI2eG9nZ2JWTjZDMXpBa2xTTVRoS3lnIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNiwiaWF0IjoxNjY5NTc0MTA2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIwNDZkZDdhNy1hYWY4LTRkMjQtYmVkYy04OGE2ZThiZDI1NGYiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieGxzbWh0SWxBQ1pYQXhHWU9zZUxQdyIsInN1YiI6IjYxNjAwMTdONjcifQ.OzwggH4FtOLN6Tbh_wFXhn6JhUWQFN8FKIf6Om0DnSr7JQa105iWal6azGlesXW8P_FBEsy4FcsdrCtGQbC6JiOU0EEaqPBo-J-dQro7zbkobEHIDhXl8Afao1-s5yYWBXL1BvAbOQxkfmbWWUX2Qdgcb8MxX1zam4E0oYwmyApDmWVfaI3U_mb5Z1oIWX11CSgsAT-3wNTc48pzwhnEslggH6TOggbmiSciP90tuLltm0J60icauKlERbebv78eQJNK9vJDJ1ncRkfALMf-qyBYzB7F5vz7VCNtJhNQRElOqiH0sCplCShMC49ON3iivq-OtYWlGY8YoXe4WODQVA
refresh_token
PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4
scope
openid
token_type
bearer
2022-11-27 18:35:06 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-27 18:35:06 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-27 18:35:06 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-27 18:35:06 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 18:35:06 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
rOFgkIOYtG3E_KK3KDlCupRUnXy5wSxAhqd4zjkhIw4.12xO3bIbufEkPooj-r5P8dgaykfZfyuUz9N1c2oHnXR_CNTXcCSgre-11F_XHJLHMQbNWrH1XV1-_C1Z9ok9TA.M18xNjY5NTc0MTA2XzE4
type
bearer
2022-11-27 18:35:06 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-27 18:35:06 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
856.4174221394536
expected
96.0
value
rOFgkIOYtG3E_KK3KDlCupRUnXy5wSxAhqd4zjkhIw4.12xO3bIbufEkPooj-r5P8dgaykfZfyuUz9N1c2oHnXR_CNTXcCSgre-11F_XHJLHMQbNWrH1XV1-_C1Z9ok9TA.M18xNjY5NTc0MTA2XzE4
2022-11-27 18:35:06 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-27 18:35:06 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-27 18:35:06 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-27 18:35:06 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
af4zckAhX6VWh11CnfVMg5iq-5VqbJJqDgIC1nI35X4.lU5ZcGuyyQW0VGIGt9VKcXZPo0D-VPmYLp2311agCeqgDXNfDhcYNqA4vdk1MpukshgsqWu8ZbYsFys8VW1u7A.M18xNjY5NTc0MTA1XzE4
second_access_token
rOFgkIOYtG3E_KK3KDlCupRUnXy5wSxAhqd4zjkhIw4.12xO3bIbufEkPooj-r5P8dgaykfZfyuUz9N1c2oHnXR_CNTXcCSgre-11F_XHJLHMQbNWrH1XV1-_C1Z9ok9TA.M18xNjY5NTc0MTA2XzE4
2022-11-27 18:35:06 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiI2eG9nZ2JWTjZDMXpBa2xTTVRoS3lnIiwiYXVkIjpbImViOWY4M2E3LTliZGYtNGMyYi04MjE0LWUzOWE5NDI0MDE2YiJdLCJhdXRoX3RpbWUiOjE2Njk1NzM2MDYsImV4cCI6MTY2OTU4MTMwNiwiaWF0IjoxNjY5NTc0MTA2LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIwNDZkZDdhNy1hYWY4LTRkMjQtYmVkYy04OGE2ZThiZDI1NGYiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NTc0MTAxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoieGxzbWh0SWxBQ1pYQXhHWU9zZUxQdyIsInN1YiI6IjYxNjAwMTdONjcifQ.OzwggH4FtOLN6Tbh_wFXhn6JhUWQFN8FKIf6Om0DnSr7JQa105iWal6azGlesXW8P_FBEsy4FcsdrCtGQbC6JiOU0EEaqPBo-J-dQro7zbkobEHIDhXl8Afao1-s5yYWBXL1BvAbOQxkfmbWWUX2Qdgcb8MxX1zam4E0oYwmyApDmWVfaI3U_mb5Z1oIWX11CSgsAT-3wNTc48pzwhnEslggH6TOggbmiSciP90tuLltm0J60icauKlERbebv78eQJNK9vJDJ1ncRkfALMf-qyBYzB7F5vz7VCNtJhNQRElOqiH0sCplCShMC49ON3iivq-OtYWlGY8YoXe4WODQVA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "6xoggbVN6C1zAklSMThKyg",
  "sub": "6160017N67",
  "rat": 1669574101,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "xlsmhtIlACZXAxGYOseLPw",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "auth_time": 1669573606,
  "name": "ISV Dev",
  "exp": 1669581306,
  "iat": 1669574106,
  "jti": "046dd7a7-aaf8-4d24-bedc-88a6e8bd254f"
}
2022-11-27 18:35:06 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4
2022-11-27 18:35:06 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-27 18:35:06 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
859.8273316736704
expected
96.0
value
PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4
2022-11-27 18:35:06 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669574105,
  "second": 1669574106,
  "note": "Values are expected to be different"
}
aud
{
  "first": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "second": "eb9f83a7-9bdf-4c2b-8214-e39a9424016b",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669573606,
  "second": 1669573606,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2022-11-27 18:35:06
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer rOFgkIOYtG3E_KK3KDlCupRUnXy5wSxAhqd4zjkhIw4.12xO3bIbufEkPooj-r5P8dgaykfZfyuUz9N1c2oHnXR_CNTXcCSgre-11F_XHJLHMQbNWrH1XV1-_C1Z9ok9TA.M18xNjY5NTc0MTA2XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:35:07 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc761330e-2360-4f3a-bf4a-9e284e4c0a9d",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383adda206b8e35",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:35:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:1dJOUqi+RlqClQcb91u5pAxwjDUu1joH1fXVUz+MURo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d82B6744064DC1D538632FFB0CEC1BF28~-1~YAAQJHYGF6GK44SEAQAA5B9fugjHHqrFlRPeQ6M89g6Pl96gQNdBo5JXS5l8ZEVRIqcF3jismXtDmMv7A9QbLDJ/2337ZmsOT86EW8yhD33L5gLrBCl28RMVPV+lF0uJ8wB8dPPl5kfCs3WsT87NAqfHkukp+UsLuVXDxvaP7FiSX/LVXPfhjRQWM3dZdSNTSwCWBt0TuG/qasq5gwpY3ujfbivCSYZnFTg2gSsVswmP4fcTBThaDRBZvk7MutKq+8YmUVSZY6M/9YwTd8UGNCZQfo39hkuTuHYXDqrXON0lQOLehKLq6sXLxuELLxEb2por7U5aVkMBMgBzaQ4tkE0koiz2NvJCEa+620drSYLQKXzgh0W4yTEVhxP92h4hl3Ucoxc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dCF57C9638D68E43EBA23D8374DB40DA1~YAAQJHYGF6KK44SEAQAA5R9fuhGGb1GKx/D8d9ATnO6y/EtzP2lHZnKAgkdshDqEEQxn/VMcsUZ72O3Cbqs9ZdM2Pdy2gQXWn897a7IFd7a2s9fQDuHdQzI9HQfvCqz3zcWsr6JLT5gGngWOu1APYcUDspvNVoQ/kQib8FwibI9zMZ2EUrGb4qhcgqjDsaWocrh1+5UUlw6pvF6YlYBzvdot7Gwn2yH5jytg2zu6qeurcwW74uDTDzuzj7tYY2M9l/a7oRpEduQZ1+BJ9qKMcDRHGeUDEN0GaPvr+zsm5Eruvj1BJhnlYTnlVivl~3618870~4536131; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:06 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d122",
    "origin; dur\u003d148"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["eb9f83a7-9bdf-4c2b-8214-e39a9424016b"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574101,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:35:07 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc761330e-2360-4f3a-bf4a-9e284e4c0a9d",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383adda206b8e35",
  "content-length": "324",
  "date": "Sun, 27 Nov 2022 18:35:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:1dJOUqi+RlqClQcb91u5pAxwjDUu1joH1fXVUz+MURo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d82B6744064DC1D538632FFB0CEC1BF28~-1~YAAQJHYGF6GK44SEAQAA5B9fugjHHqrFlRPeQ6M89g6Pl96gQNdBo5JXS5l8ZEVRIqcF3jismXtDmMv7A9QbLDJ/2337ZmsOT86EW8yhD33L5gLrBCl28RMVPV+lF0uJ8wB8dPPl5kfCs3WsT87NAqfHkukp+UsLuVXDxvaP7FiSX/LVXPfhjRQWM3dZdSNTSwCWBt0TuG/qasq5gwpY3ujfbivCSYZnFTg2gSsVswmP4fcTBThaDRBZvk7MutKq+8YmUVSZY6M/9YwTd8UGNCZQfo39hkuTuHYXDqrXON0lQOLehKLq6sXLxuELLxEb2por7U5aVkMBMgBzaQ4tkE0koiz2NvJCEa+620drSYLQKXzgh0W4yTEVhxP92h4hl3Ucoxc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dCF57C9638D68E43EBA23D8374DB40DA1~YAAQJHYGF6KK44SEAQAA5R9fuhGGb1GKx/D8d9ATnO6y/EtzP2lHZnKAgkdshDqEEQxn/VMcsUZ72O3Cbqs9ZdM2Pdy2gQXWn897a7IFd7a2s9fQDuHdQzI9HQfvCqz3zcWsr6JLT5gGngWOu1APYcUDspvNVoQ/kQib8FwibI9zMZ2EUrGb4qhcgqjDsaWocrh1+5UUlw6pvF6YlYBzvdot7Gwn2yH5jytg2zu6qeurcwW74uDTDzuzj7tYY2M9l/a7oRpEduQZ1+BJ9qKMcDRHGeUDEN0GaPvr+zsm5Eruvj1BJhnlYTnlVivl~3618870~4536131; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:06 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d122",
    "origin; dur\u003d148"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["eb9f83a7-9bdf-4c2b-8214-e39a9424016b"],"auth_time":1669573606,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669574101,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-27 18:35:07 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-11-27 18:35:07 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4
2022-11-27 18:35:07 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid' to token endpoint request
grant_type
refresh_token
refresh_token
PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4
scope
openid
2022-11-27 18:35:07 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic Y2YzMTY2Y2YtOGI2Ny00NDgzLTkwYmUtNDg3NTViYzg4M2FhOndiOFp3Q1lVejQ=
2022-11-27 18:35:07
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic Y2YzMTY2Y2YtOGI2Ny00NDgzLTkwYmUtNDg3NTViYzg4M2FhOndiOFp3Q1lVejQ\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "203"
}
request_body
grant_type=refresh_token&refresh_token=PJmTNlsCO2EV5zxRn2_HxN6IHJ_6cm0-r6HrE64S-dY.wp5Sav5bqSQgSAoXXNvZWf-cwUgxcKsX49gzjtUgPRoS-JnokRW71hk0Ofn57InpOOiAKpyNDxMV45Ql1qjhhg.M18xNjY5NTc0MTA2XzE4&scope=openid
2022-11-27 18:35:07 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "x-backside-transport": "FAIL FAIL",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK50ab0da9-d093-4849-a60b-f3cd81260c0b",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383addb3551e541",
  "content-length": "157",
  "date": "Sun, 27 Nov 2022 18:35:07 GMT",
  "connection": "close",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:tnSpYOW8Q6FBCjhjrOZHqTvy4RVO3zpm/w3Ifs0pgLg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3086DE613F58CE79C9E061FD5A69590A~-1~YAAQJHYGF6qK44SEAQAACCFfugj4je/Qm1rUF/TTTOKLrz7s2hikDwkb8ns9WKGaLhXbATweTLABjDyH0GndS0CrYnxrVzlyR+3vODzWWIf4bgAMjz7GXu1Gh0hvU+aLxG51TmEPaCnzctnN6Ch6Uogh2FhHhl6wPkG3vrsTSLJLVrvF4cWb3FU02xuO0VOJ5OuR6+9yXoF2+kXTYJz7FCydU71fVe9fg/DiydzG4nRWEshs6FRRoHNlmFrFtfvAd4FwSmuT2tW5VQRoQa7ZMmX4rICR6Rsy4oxvLUJTn2xE88HMVEQWkARAMYuwaTn4u2ZAYV/mNk7XhZC56D0qEK/H7gdQSTaUwNwXh4qopBm6NbSv79yOwNZ4SwERamMvRbGXCpU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA528A29F037B45AD9A6998C2556FB1AE~YAAQJHYGF6uK44SEAQAACCFfuhHz0sV3HoP+UrKaVgblsRzNfczmv9YsTaR/9J/DCC0F4BcbBdy9cXqVuEq28lu4fVR7HZ85yddnMHLU06HLVFb+5WGHctXK3Sak4HPt2wf/b1zjgXIYuxEmyU6F8WFq0KqIndIct63RUvJSs06xeSikRs+tfrk0fOEq/3MkuCdiI8jWeVGyp9CQAdrGWgOD4h+DC2aW8fxDzJ0hwYSY2nr2/DxtnKTUj5J6+l5LoY+LZj2UU2XsUEV/1I2SfGYK7x4ICCF2OJ3AOLLPkfzljaQSimeLcLbKp0XZ~3621684~3551811; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:07 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d104",
    "origin; dur\u003d104"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"error":"invalid_grant","error_description":"CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."}
2022-11-27 18:35:07 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
CSIAQ5087E The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance.
2022-11-27 18:35:07 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-11-27 18:35:07 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-11-27 18:35:07 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-27 18:35:07 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-11-27 18:35:07 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-27 18:35:07
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cf3166cf-8b67-4483-90be-48755bc883aa
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer fJCyNtQLX4wFFmstrlRqasJk3YzriPls3-6YQ6iCAwI.Xs9iEwswUUXzO7R4PYnvty4Fq7J4GJApoiV9m3142w4DnsyIiU12Om-w5r27kJEyV_Cy2f4NPWN3oInefTQ_kQ.M18xNjY5NTc0MDgwXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:35:09 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK7d237c00-e586-41fc-9ea3-1e69adeeb301",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383addb206b91a5",
  "date": "Sun, 27 Nov 2022 18:35:09 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:aa1UafCePbcPfbjjI6Gx51k5T86SWxTaCrDK+1j138g\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD8E0CD1505CF2DF30B36964789EDBCFC~-1~YAAQJHYGF8mK44SEAQAAaCdfugjd3XMoeNecFpl3Ijj8qEMkZuJ47UUe4ng8Jyb299k6TqAETaGmfxJWXJcBIXjyZjQAKsj/eQ6ybjBaXE2Nuc/ionk6AyUuZVT7/jV7svNc0ZpmyPUbFsveZyiOSmJ5B8GZrJ0d5qguOaQGMbAey9cwsUWYPtPAdCYWRkPt7orJCQdQwa4Sx7VXNGQ4YIjCRyjdEOZyyHDHEhWtK6vFJBBdMboG0mGWELETuuDooYJBMneZJF487zXeaxyhb5SiDF/SrxIJgdnwh3LiaawDOmXVNiaVyFYG8csJhol1cx3UoeTvmAkLAf/659V0SFXx7zvjsbBnjAX1z55LwvS6HaxoBUICOkBHr5wrnfV3XTbdS8A\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:09 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dEACFD6AECDB8FDEB455BBB210E3FC62C~YAAQJHYGF8qK44SEAQAAaCdfuhGVJh0+nNJ2GW1xVZJnYLI3O0OghJVgQLiKUQLwq+95WNZd5rJtplFib0GzL0UMthTiBatmTm0NII/nYzwEeItuyyoLdgDt387leHQ76lmXBZV2bvMzUXgKZJRSx0fWIGR0+cKu4OrfE20MfAQF14WucydsfqyCBCaXcdmlh3TQPrhCq1V2MGucH5m2g+BjkLBKLt2XaoF6lSPPoFYs8Ac/ULiarCaA16fyUuLOlT+zTq8IqU+VWDNfzBYg92B59Wf1LYCmwxfJ8gF2d/OmUCSTQeSwvni/ssUj~3621684~3551811; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:07 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-27 18:35:09 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-11-27 18:35:09
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/eb9f83a7-9bdf-4c2b-8214-e39a9424016b
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer QvdhbAUEBsKDx-vwlNfmISPvW6JhlaNitIxDggNQdtU.3CTl2k2VL178R_enMMNddL4Hz1xth0AdLoSR05fJBLbzkidlpYfjkRgy-O4i7jyfA_Wddz-1nBH6yHJK-aQWdw.M18xNjY5NTc0MDgyXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:35:10 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2b497e99-94fb-47de-bf4b-910e16b5852a",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383addd3551e991",
  "date": "Sun, 27 Nov 2022 18:35:10 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Azwbe/KPiHOOafBKFnlFTYiJPWbUZgGM+UJKxTWz1Z0\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1A078E1FC094B1898BD36DD897A24E5D~-1~YAAQJHYGFxCL44SEAQAANy1fuggo0IqCiJRY5cqewHMFksBLDpzVuBb/eYUUELbc00oFRjTBVJUp84s43tKF26AVl4/ayNcs5+3khXk6ZhDcyXG/iPJFwiJM5q9AL1TvD3EW0xqCJ0AL2q4mFbqKkdSKb5QYCLEC6TE5s93eX3WgmYqlrhdpHzRgi+ErzjogUAnSpTMz9iR1eJnF80zdO+bG5C2r0tVtNQKs8DW21DaZr/W8v8lrFfWxUgb0jA8eCJAv9a91WTKAO5hXGZnqIEbHd5E4BU+8CpjLa+cvvXVzTz6s+Rf9KTEeo4QbTIeFc45PVFhp2dQZ/gJbXyZMJKO6jY268064lPvjhFc93d3phv9Zt3F2lsAmKwCmopo6L2/ReA4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:35:10 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d978AB7457A400B99C5C7290944F842A0~YAAQJHYGFxGL44SEAQAANy1fuhFxBtTB0dAoUEWPthO9hUYvoEhsVULKztXqxyaD2BV4VJ4jCfczotPS/QoRqGkivh/KT5xgY1qt/g4nw50BmYFEbLY4gh1M6Dvt+7cIT34KNm5KgMlGBlHL4WEpXUeYvFSNAwZSELnBO0/2Bt7cjzTFLXl7euIsjSf/XqP+QCaqGJCFSw0FwvFVbboRVpK1/rXx0Bp+bGs/BdBk5bZuASMnD7WQxj02kFs/n2VeeDxUGVTMTY7k3XJbDtcu2yfDJIlHXtOel0dEtDKsbF+pPRNeOI2cO3YUNaWk~3618611~4277560; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:35:09 GMT; Max-Age\u003d14399; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-27 18:35:10 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-27 18:37:32
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
6KYrvGsQKcvkSzo
Test Results