Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-27 17:12:16 INFO
TEST-RUNNER
Test instance XfEQJlyrYNtJX8H created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code token",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
rdCLwWmseshp4
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-scope-profile
2022-11-27 17:12:16 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 17:12:16
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:12:17 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKfb82f7f7-1180-4fc4-b742-fea2eca2efb0",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839a7135134591",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 17:12:17 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Ylad7OXJzQAV7WbXA3Wc3Q92hgzJ7egKtHA/O6m6PVg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d0020A6DC28E6B8F83DBFDBC609009972~-1~YAAQBmrcF02dQIiEAQAAOEoTugjLVR3tzjl3VaZKWPTGT4Bw4QkPdemDyRV81Ry0aLSzDbBTkJeOPlrbaPRMGxcOjVC8Hi84a6wRECLOH8Ba1JWLxsTHLUsQoWwyYVHhH9xeLWGNn2Job7y7xHCPYWeMN55U4CHCLT6HfT19FWfc4kI6fqpMYyNzPlbY3Vnb1LSqCsrVN7w/oRUfPX9NHDNaQ946cZhfMwlIQUfV0oNHag0tDh7o++WPnwYNeS8d1/Vx6MQBfNhq18mhtupO3A5QZ0ZVvScXX231qa6GF4v+wHeNh0GgrUNYjn226DC94D45MwWSo6XVEFXjMsIksLygiZ9UHwoKq4huRVskhHnGXmN7ZaohFViHiHWBXj9jQL6O9Oc\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:12:17 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d2322E54D0072C6E4D87436A6890D67DF~YAAQBmrcF06dQIiEAQAAOEoTuhE2tt9J5SR3eHLhBBSlS8+VNPPnZb5H76CIH1XM+b3GaG8ClT2cUE/0YLCD51vKI8cU3jZ2149o7kFnZ/POg2hKedq2Lg/74BD0E9u7gaLBbBE9Dh3uUm4IiUi+OAuZ7oGszlpgtfQv9mTFPD5/EFJWp6ud1PAGr1ps4OrdYjVBu7sw+WysLvdWCvn031NVnQpsfzsyXLDQGEjC8Lrfxsj9LLaCcfLt1f2qZ0ckCHoq2WfQPmQojAH0dDryVu33i5VIoFjJhHzsBdJUhGdZQHLuR+bUXRwFtkTJ~3359297~3616816; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:12:17 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d85",
    "origin; dur\u003d94"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["upn","realmName","name","tenantId","department","mobile_number","job_title","employee_id","preferred_username","email","given_name","family_name","groupIds","uid","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-27 17:12:17 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "upn",
  "realmName",
  "name",
  "tenantId",
  "department",
  "mobile_number",
  "job_title",
  "employee_id",
  "preferred_username",
  "email",
  "given_name",
  "family_name",
  "groupIds",
  "uid",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-27 17:12:17 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-27 17:12:17 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-27 17:12:17
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-27 17:12:17
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:12:17 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKd4d08379-7f3f-40be-a5a9-cf6ee1e8a9b3",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839a7120448265",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 17:12:17 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:5nShHPaaAcqUPKWQLOtP6g+MIY7c71T0ynADy7JEp3M\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dDECF1A4239D106CB42A3D616A79413C4~-1~YAAQBmrcF3KdQIiEAQAAxEsTugjSGAJfx/4eVwnKzDoHrgmvey7AlAJ+uAsnpiNy6e1aIghjwymkzyhc1+JhlIm39smEpzbHbdROE4XuqhKHSSDPklTfw2oPHdN3QG8+Er/k/LQOg5v7uEYd87sGNIHnhqvHv/ktdp7S42B/puyHM9HF0jOk8ppbcQ9uCxD8ipW1IZm8bkzOlCROZ7TP3W5LEOKPFMlZYAmocWUIjoONx70p9V7BQVgXd/4gmiwx0egNMG3CUu8jh9GNE8UoUZET8HHtbvhI2+opPwEWDSnhJ9QBOt/mt1KF1Eyg03ogvlkodycLiDwcFSid7tlPDgJ10yvP4FMEK7M1H+eQiR3Nzu/9NbhGV8tq7wSxKjyQ17PzP3Y\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:12:17 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d8A47B1A11AC5B7D51C9456FAE2C19B9F~YAAQBmrcF3OdQIiEAQAAxEsTuhFMxt4ukp7cbGagJ7oQwApixCTdbwHz31zlcJoGtEdFMOA2qH8jJgw4q6mxkCbTEyDAJF3XOczZC4PBv/coZMxWw20pTJqamSmBdfpPuyzsGEkTV9Zc7e2rd7c4hnwFiPab6FMI8dx6n5KgyctqDBw/mubhkyzLtfSw+wXRCDGTRYg4kOs2otcIFbjhxl+yIDyxBA0buD36qrnvxG+SEz8P6fW033UsmCRJYhsN/As2X/ToECgAiobVgqcjwJ2v3R24JoZ8YKiY3/6MtpyqQ312MjXBBOnYmPIM~3359297~3616816; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:12:17 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d94",
    "origin; dur\u003d106"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 17:12:17
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 17:12:17 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 17:12:17 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 17:12:17 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-27 17:12:17 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-27 17:12:17 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 17:12:17 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-27 17:12:17
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 17:12:17
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 17:12:17 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "0EfBhtNclzd-7ki1DD7Y7q4MBwCBKKsKUM60EkEixXfD0DI8v-DkZfzl0VSoDZGym43so2dVA90PxLhYX9C6tMwClcWX-VvTxFnn-pjDL-WbrRx7qsh6GNEcw64VTIFIXBRmIvgFmWCXSM4I6MGHcgO_6R4UkMFfwhAdDa8kmAk",
      "kty": "RSA",
      "q": "xCWtAFVec9R-jz8I46TWPPt0ubZwwJLwa6_xrjGQABqoOrdOj5AtuAXXuX0q81bSAp_9NB79mTp2ElKn1OgT7XYZPHMC0ChdCaL8KYv_f6r-LM12SVICQfeCjTLk1oC9KgufLb0fg-EeB25Meyb94VYw9cqyVaf1AF3LC8BQZPc",
      "d": "QC_zAntxQwsB8629gVQOBk5asUBe_GtAf1fenK90K-Ze8L8HuV8V2q3mRAmkQtQhhlYdEvNRCFWNHi3bFoyd64RGWVd1j5szec2JsB3uYJ0A9vnEI57yuZL77rs8-uS8Cc_oj6aUjuNq1zG6jVQ2ix27WmDn5rzFfhaMx6Wl2eSpuBqKLZ1M0XYsjOX2O8JCN-4e_EToGIR4dNnT2q_NRJ9JPlyDh0lUWhTaT7QlqG93YN6L9zXvFtD0eBZKPaXIQ6XCdJOGWXOxwdkAhChB21OGAVY_sx89EYzsa6M35uXy9pdevLk7bJHde6o-mK4GaFU8ohCjcRqRRet0Zn0SgQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "I9_L-TPxV2-WOajZlTKarilTqGtJZOEzhUWavsoCsUHzAQgosHNBgSi-vbti-86vSKVm81I68XRZ1onOZLiDE2_kS-TZ4-a9pLHRTpPGqn1XtHzPzFv-OJ7-exFAligIkw-wWN8dvQAIDYSEKc2uW6KMpi4x-gibipVnrIpm9Pg",
      "dp": "j9HcuoLcnrZ9eYDPM6N6HGYme_dHOJPSzbXN9gTwQ7bNicgG1uAuFpapAwEYAjanRG6eBr9lnwNYzhgVPiRdqFZvOoh0xoU4F4-Vdh9iOIKuGr1eT7GbTeOnnx9oKankE2Eqnd7xztU54dYTpNVt97bLH-fbf5Fn1BNYXIiiFjE",
      "alg": "RS256",
      "dq": "Gw_fqJYeq_h7ZaQaw92wOUWwOxcywz8CsLjbrV7lMT58S22TBzerNyKHOu5MCLrHytjsBE7qSkPImoqQ4U0Lws1yeeacUr_e5j94bvsDy0d6PhAy67bG3PcbKgQFkpq8fpqP4a2gNX_PttK-9pbQnFBZ_O90X2EG6oAGTZ7A-M0",
      "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
    }
  ]
}
2022-11-27 17:12:17 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 17:12:17
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-27 17:12:17
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H
2022-11-27 17:12:17
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-27 17:12:17
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-27 17:12:17
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
      }
    ]
  }
}
2022-11-27 17:12:17
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-11-27 17:12:17
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ]
}
2022-11-27 17:12:17
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-27 17:12:17
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-27 17:12:17
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "766"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H","grant_types":["authorization_code","implicit"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-27 17:12:20 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK87d04087-c212-4b35-9292-3088e6cae987",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163839a71351344d1",
  "content-length": "1434",
  "date": "Sun, 27 Nov 2022 17:12:20 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:3whNGREkg17yU2j37W02vQ9c26+B53haB+l/0ooCErg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d920FFDD8AC2887C6ADACC6FA5B9E3D1C~-1~YAAQBmrcF3yeQIiEAQAAnVYTuggSlY+srA9UCV0R3CN13jMecJbP4VEGXmLNDnOn1LPVpND/wujfdJ4fbQ4uOvf8eW8PoVFVdUmmfELwN5RqkFR4iVXa472lYPIm5w7SAIqpyZS8ANG6QcaPj9LJztIOcrqzINoXlZ4rFzp9LfQYpAs+JTFi925s4gHUQMcvnt6J6Is7qj6ehsv13oHDySpmn2ezKQpbFBCE1JjPS1ypo/z5228mww/Vq+Gs6H/5wV7xodoLYcQINDxswanfNul0Chg0+sqJ64oyp+GkE/YprRWXp7+3wtnHZ8kLnNIMcmewF5C2d7hbO2yXZ6tp+ohuMo4FIgwrf9poD8RCDesZyAClVzcU8ygHhsHcExGvMQ5Y8LE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:12:20 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d5CC8E2F5D7EDFF69B1D9FAFE27E2E630~YAAQBmrcF32eQIiEAQAAnVYTuhG9Ja8LTSIcYOIc5AYtpJE2bp7+1eOmoXNYPHFHR9KcEn97SswavXYplPUmIstzIglpS/7FSxXY03CYQoYAvpCo/kgJFoZsL9dHd9xtkHPxGDromUGolKDxZc2vLYasl3R4pWydE/6Q9/9Nk8/BoUk4ss2T4eJ0N/xtjzzROGCuNPXovkL1jVLCxXac6yXpYQUBQNyT18D9OuUx8W8OUzsM09qTDMnbczZ8pMvK59tQEQumOIquftjxPcwMbpok96F84NHbNVQdZuVnCYBRQhGhLkERhtTBVDkC~3359297~3616816; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:12:17 GMT; Max-Age\u003d14397; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d251",
    "origin; dur\u003d2247"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"5a8959e0-7c78-423a-b7f0-99918e3435dc","client_id_issued_at":"2022-11-27T17:12:18Z","client_name":"Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H","client_secret":"doJeWyh6o5","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"dKA1wb0rgf82u4Ue4Dqysp3PQffkXhLyFHXrKqrNvAQ.bPnSR5lunWyiz2SKo74a_KW4cNbYDkVVU1pGZk-_YravsGjyDxxbesw6n2e2orxqJllIU51VGjzL3GKDj6qoJw.M18xNjY5NTY5MTQwXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a8959e0-7c78-423a-b7f0-99918e3435dc","response_types":["code token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
2022-11-27 17:12:20
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK87d04087-c212-4b35-9292-3088e6cae987",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163839a71351344d1",
  "content-length": "1434",
  "date": "Sun, 27 Nov 2022 17:12:20 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:3whNGREkg17yU2j37W02vQ9c26+B53haB+l/0ooCErg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d920FFDD8AC2887C6ADACC6FA5B9E3D1C~-1~YAAQBmrcF3yeQIiEAQAAnVYTuggSlY+srA9UCV0R3CN13jMecJbP4VEGXmLNDnOn1LPVpND/wujfdJ4fbQ4uOvf8eW8PoVFVdUmmfELwN5RqkFR4iVXa472lYPIm5w7SAIqpyZS8ANG6QcaPj9LJztIOcrqzINoXlZ4rFzp9LfQYpAs+JTFi925s4gHUQMcvnt6J6Is7qj6ehsv13oHDySpmn2ezKQpbFBCE1JjPS1ypo/z5228mww/Vq+Gs6H/5wV7xodoLYcQINDxswanfNul0Chg0+sqJ64oyp+GkE/YprRWXp7+3wtnHZ8kLnNIMcmewF5C2d7hbO2yXZ6tp+ohuMo4FIgwrf9poD8RCDesZyAClVzcU8ygHhsHcExGvMQ5Y8LE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:12:20 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d5CC8E2F5D7EDFF69B1D9FAFE27E2E630~YAAQBmrcF32eQIiEAQAAnVYTuhG9Ja8LTSIcYOIc5AYtpJE2bp7+1eOmoXNYPHFHR9KcEn97SswavXYplPUmIstzIglpS/7FSxXY03CYQoYAvpCo/kgJFoZsL9dHd9xtkHPxGDromUGolKDxZc2vLYasl3R4pWydE/6Q9/9Nk8/BoUk4ss2T4eJ0N/xtjzzROGCuNPXovkL1jVLCxXac6yXpYQUBQNyT18D9OuUx8W8OUzsM09qTDMnbczZ8pMvK59tQEQumOIquftjxPcwMbpok96F84NHbNVQdZuVnCYBRQhGhLkERhtTBVDkC~3359297~3616816; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:12:17 GMT; Max-Age\u003d14397; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d251",
    "origin; dur\u003d2247"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"5a8959e0-7c78-423a-b7f0-99918e3435dc","client_id_issued_at":"2022-11-27T17:12:18Z","client_name":"Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H","client_secret":"doJeWyh6o5","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"dKA1wb0rgf82u4Ue4Dqysp3PQffkXhLyFHXrKqrNvAQ.bPnSR5lunWyiz2SKo74a_KW4cNbYDkVVU1pGZk-_YravsGjyDxxbesw6n2e2orxqJllIU51VGjzL3GKDj6qoJw.M18xNjY5NTY5MTQwXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a8959e0-7c78-423a-b7f0-99918e3435dc","response_types":["code token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "5a8959e0-7c78-423a-b7f0-99918e3435dc",
  "client_id_issued_at": "2022-11-27T17:12:18Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One XfEQJlyrYNtJX8H",
  "client_secret": "doJeWyh6o5",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "n5WXSvWMONXcZ1RPFTm4T9VvBShTQZhTs3m5zzCRFhbyeQbXcqn8XZRTdiu-jD2TVK6wJDV95h1EBJzgHFrx3HANVxK2pfXuBhHnRUyDcXceknqNiDoFXa0TrFDqOklo8yQmiBxSQLfq0Ka_Ra3WgVLObsErCemWcT0YTPCrivJPK9J2xGxdAF2AC9hiHZIX8wEXhX31BsiiK2HawJUrjHvfEgAt_iGw9lI2aTvdNro5fermG_qSByFCRSRvB750C2St4hy4FWtqq_YcgIYkrwgIk78m7aV00ZOQg-WVFR0BZBpYINPtELwrnjmFMIKFDyhQfYiQz2am7jl3ioI0rw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "dKA1wb0rgf82u4Ue4Dqysp3PQffkXhLyFHXrKqrNvAQ.bPnSR5lunWyiz2SKo74a_KW4cNbYDkVVU1pGZk-_YravsGjyDxxbesw6n2e2orxqJllIU51VGjzL3GKDj6qoJw.M18xNjY5NTY5MTQwXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a8959e0-7c78-423a-b7f0-99918e3435dc",
  "response_types": [
    "code token"
  ],
  "token_endpoint_auth_method": "client_secret_basic",
  "token_map": []
}
2022-11-27 17:12:20 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-27 17:12:20 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-27 17:12:20 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-27 17:12:20 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
5a8959e0-7c78-423a-b7f0-99918e3435dc
2022-11-27 17:12:20 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a8959e0-7c78-423a-b7f0-99918e3435dc
registration_access_token
dKA1wb0rgf82u4Ue4Dqysp3PQffkXhLyFHXrKqrNvAQ.bPnSR5lunWyiz2SKo74a_KW4cNbYDkVVU1pGZk-_YravsGjyDxxbesw6n2e2orxqJllIU51VGjzL3GKDj6qoJw.M18xNjY5NTY5MTQwXzE4
2022-11-27 17:12:20
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-27 17:12:20 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-27 17:12:20
SetScopeInClientConfigurationToOpenIdProfile
Set scope in client configuration to "openid profile"
scope
openid profile
2022-11-27 17:12:20 SUCCESS
OIDCCCheckScopesSupportedContainScopeTest
'scopes_supported' in discovery document contain expected scopes
actual
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
expected
openid profile
2022-11-27 17:12:20 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-27 17:12:20
oidcc-scope-profile
Setup Done
Make request to authorization endpoint
2022-11-27 17:12:20 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
5a8959e0-7c78-423a-b7f0-99918e3435dc
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid profile
2022-11-27 17:12:20
CreateRandomStateValue
Created state value
requested_state_length
10
state
zpXOqfshno
2022-11-27 17:12:20 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
5a8959e0-7c78-423a-b7f0-99918e3435dc
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid profile
state
zpXOqfshno
2022-11-27 17:12:20
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
XDDKCTLCZ0
2022-11-27 17:12:20 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
5a8959e0-7c78-423a-b7f0-99918e3435dc
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid profile
state
zpXOqfshno
nonce
XDDKCTLCZ0
2022-11-27 17:12:20 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
5a8959e0-7c78-423a-b7f0-99918e3435dc
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid profile
state
zpXOqfshno
nonce
XDDKCTLCZ0
response_type
code token
2022-11-27 17:12:20 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "5a8959e0-7c78-423a-b7f0-99918e3435dc",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid profile",
  "state": "zpXOqfshno",
  "nonce": "XDDKCTLCZ0",
  "response_type": "code token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=5a8959e0-7c78-423a-b7f0-99918e3435dc&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20profile&state=zpXOqfshno&nonce=XDDKCTLCZ0&response_type=code%20token
2022-11-27 17:12:20 REDIRECT
oidcc-scope-profile
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=5a8959e0-7c78-423a-b7f0-99918e3435dc&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20profile&state=zpXOqfshno&nonce=XDDKCTLCZ0&response_type=code%20token
2022-11-27 17:13:41 INCOMING
oidcc-scope-profile
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 17:13:41 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/XXN5I6MHMd66JAlFS7jt",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/XXN5I6MHMd66JAlFS7jt"
}
2022-11-27 17:13:41 OUTGOING
oidcc-scope-profile
Response to HTTP request to test instance XfEQJlyrYNtJX8H
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/XXN5I6MHMd66JAlFS7jt, returnUrl=/log-detail.html?log=XfEQJlyrYNtJX8H}]
outgoing_path
callback
2022-11-27 17:13:42 INCOMING
oidcc-scope-profile
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/XXN5I6MHMd66JAlFS7jt
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close",
  "content-length": "449"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/XXN5I6MHMd66JAlFS7jt
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=-NF452mVKx_OlNgNv_3D-KJEGOYfn1-r99GhIM-Sio8.7z6oJzB0sI-uo6YcXnGxQFDq_CpdwV0MynEHdUwmPU52v_i6KyzX4FAEmi8xR3jyYuVM8v92dkzhjCEeDVytbg.M18xNjY5NTY5MjIxXzE4&code=1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg&expires_in=7199&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid+profile&state=zpXOqfshno&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 17:13:42 OUTGOING
oidcc-scope-profile
Response to HTTP request to test instance XfEQJlyrYNtJX8H
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/XXN5I6MHMd66JAlFS7jt
2022-11-27 17:13:42
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "-NF452mVKx_OlNgNv_3D-KJEGOYfn1-r99GhIM-Sio8.7z6oJzB0sI-uo6YcXnGxQFDq_CpdwV0MynEHdUwmPU52v_i6KyzX4FAEmi8xR3jyYuVM8v92dkzhjCEeDVytbg.M18xNjY5NTY5MjIxXzE4"
  },
  {
    "name": "code",
    "value": "1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg"
  },
  {
    "name": "expires_in",
    "value": "7199"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid profile"
  },
  {
    "name": "state",
    "value": "zpXOqfshno"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-27 17:13:42 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
-NF452mVKx_OlNgNv_3D-KJEGOYfn1-r99GhIM-Sio8.7z6oJzB0sI-uo6YcXnGxQFDq_CpdwV0MynEHdUwmPU52v_i6KyzX4FAEmi8xR3jyYuVM8v92dkzhjCEeDVytbg.M18xNjY5NTY5MjIxXzE4
code
1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg
expires_in
7199
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid profile
state
zpXOqfshno
token_type
bearer
2022-11-27 17:13:42 REDIRECT-IN
oidcc-scope-profile
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "-NF452mVKx_OlNgNv_3D-KJEGOYfn1-r99GhIM-Sio8.7z6oJzB0sI-uo6YcXnGxQFDq_CpdwV0MynEHdUwmPU52v_i6KyzX4FAEmi8xR3jyYuVM8v92dkzhjCEeDVytbg.M18xNjY5NTY5MjIxXzE4",
  "code": "1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg",
  "expires_in": "7199",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid profile",
  "state": "zpXOqfshno",
  "token_type": "bearer"
}
post_body
Verify authorization endpoint response
2022-11-27 17:13:42 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-27 17:13:42 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-27 17:13:42 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-27 17:13:42 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-27 17:13:42 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-27 17:13:42 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
zpXOqfshno
2022-11-27 17:13:42 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg
2022-11-27 17:13:42 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
-NF452mVKx_OlNgNv_3D-KJEGOYfn1-r99GhIM-Sio8.7z6oJzB0sI-uo6YcXnGxQFDq_CpdwV0MynEHdUwmPU52v_i6KyzX4FAEmi8xR3jyYuVM8v92dkzhjCEeDVytbg.M18xNjY5NTY5MjIxXzE4
type
bearer
Userinfo endpoint tests
2022-11-27 17:13:42
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer -NF452mVKx_OlNgNv_3D-KJEGOYfn1-r99GhIM-Sio8.7z6oJzB0sI-uo6YcXnGxQFDq_CpdwV0MynEHdUwmPU52v_i6KyzX4FAEmi8xR3jyYuVM8v92dkzhjCEeDVytbg.M18xNjY5NTY5MjIxXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:13:42 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc859a568-6968-4912-a3d6-0109d19e416a",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839ac607ac2c33",
  "content-length": "890",
  "date": "Sun, 27 Nov 2022 17:13:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:gQbHliX1uwsExuX37f4HKtgEcbFi2gmnIhNiV8jF5rA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d2009F77A95212D18A4B2462797D9B6C1~-1~YAAQEmrcF2vEsX+EAQAAspgUugjuIilx5DPsefj3mxclqUthvNYVQyC5+GxybTTG69igZ08O5QJX+Ael7Qi+OB9iKhQPTjXsuqr8Ub+kQ3xGSmWO5os5om/cdB1bdAni5YjeDeN35VnhZ+KNXwp8EoZSaZB4sUaLx/B/FTX/12X7oFPcLuASvb/AzDpIH3IhsW8Nz+tKXed5ku2Z9If2OLdiMlLNsTd3dWQzfV/PMF/FRDmiI12k914HSbJN7zDcu4v9nwK/2fKQat46672GuwmfbMSnQvc+nvFmmi0QvXWmvpquVd0KfR/LzMeYeb+Y4r3/teUlBqD6lkYQ7ovK0CepzGBukTcsEbEs0IQF1Zd6L6UHP1UNzMJx2cKYVGLzsp6E0K4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB6ADF0A69B64280FEB59191EED22E252~YAAQEmrcF2zEsX+EAQAAspgUuhGMjJZxKRdeuiO2/l4HHu3H2S1HIbnPuKghj0UBPxIa8NpVKtIRT5y8e+2EnG1Eg9JGsvIYhYfCjtuvUX+TTEtVKKV5wGGcL2M6fAZHXWTvkm9kHCSOknIZd9FLTIxmb22kTlf4n1Nu2J2hXgBiMnxprPtJ0ds+DwvMrzOH/SznkDteJPE2/U/HhAiuyI4PetOe13h98ZY/JcB20nwMamLkHHYyhcWoD3ARGF+mhbN6rha/RRKMLW84N9GtdFzxNFghLtd+SHzTV0EfPo4r/HlTGSo+oLzUvxUl~4538949~3225157; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:42 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d95",
    "origin; dur\u003d226"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["5a8959e0-7c78-423a-b7f0-99918e3435dc"],"auth_time":1669568408,"birthdate":"2022-11-23","email":"test@ibm.com","email_verified":true,"family_name":"Dev","gender":"Male","given_name":"ISV","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669569218,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 17:13:42 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc859a568-6968-4912-a3d6-0109d19e416a",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839ac607ac2c33",
  "content-length": "890",
  "date": "Sun, 27 Nov 2022 17:13:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:gQbHliX1uwsExuX37f4HKtgEcbFi2gmnIhNiV8jF5rA\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d2009F77A95212D18A4B2462797D9B6C1~-1~YAAQEmrcF2vEsX+EAQAAspgUugjuIilx5DPsefj3mxclqUthvNYVQyC5+GxybTTG69igZ08O5QJX+Ael7Qi+OB9iKhQPTjXsuqr8Ub+kQ3xGSmWO5os5om/cdB1bdAni5YjeDeN35VnhZ+KNXwp8EoZSaZB4sUaLx/B/FTX/12X7oFPcLuASvb/AzDpIH3IhsW8Nz+tKXed5ku2Z9If2OLdiMlLNsTd3dWQzfV/PMF/FRDmiI12k914HSbJN7zDcu4v9nwK/2fKQat46672GuwmfbMSnQvc+nvFmmi0QvXWmvpquVd0KfR/LzMeYeb+Y4r3/teUlBqD6lkYQ7ovK0CepzGBukTcsEbEs0IQF1Zd6L6UHP1UNzMJx2cKYVGLzsp6E0K4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dB6ADF0A69B64280FEB59191EED22E252~YAAQEmrcF2zEsX+EAQAAspgUuhGMjJZxKRdeuiO2/l4HHu3H2S1HIbnPuKghj0UBPxIa8NpVKtIRT5y8e+2EnG1Eg9JGsvIYhYfCjtuvUX+TTEtVKKV5wGGcL2M6fAZHXWTvkm9kHCSOknIZd9FLTIxmb22kTlf4n1Nu2J2hXgBiMnxprPtJ0ds+DwvMrzOH/SznkDteJPE2/U/HhAiuyI4PetOe13h98ZY/JcB20nwMamLkHHYyhcWoD3ARGF+mhbN6rha/RRKMLW84N9GtdFzxNFghLtd+SHzTV0EfPo4r/HlTGSo+oLzUvxUl~4538949~3225157; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:42 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d95",
    "origin; dur\u003d226"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["5a8959e0-7c78-423a-b7f0-99918e3435dc"],"auth_time":1669568408,"birthdate":"2022-11-23","email":"test@ibm.com","email_verified":true,"family_name":"Dev","gender":"Male","given_name":"ISV","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669569218,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 17:13:42 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 17:13:42 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 17:13:42 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic NWE4OTU5ZTAtN2M3OC00MjNhLWI3ZjAtOTk5MThlMzQzNWRjOmRvSmVXeWg2bzU=
2022-11-27 17:13:42
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic NWE4OTU5ZTAtN2M3OC00MjNhLWI3ZjAtOTk5MThlMzQzNWRjOmRvSmVXeWg2bzU\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=1jF74RLcttRPEMKvkL_CI1cCOFj3eBN1WZP0tfSD4yA.34g1hye9dAYlkEVo08dVw-19nkqIVN58NIiRDSLFxN9iy4m38GT1u-CgiCOdYzmLNHf--DoBHJo4ggrr1LVvDg&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-27 17:13:43 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1c141d3a-0924-4b75-aea6-a6a2840f5857",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163839ac710d125d9",
  "content-length": "2044",
  "date": "Sun, 27 Nov 2022 17:13:43 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:VRcm3o4YIrurvYDqgfdXvTrm9V9n0r4dZyO9SdeIiNo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dAD38AC202112FE096B07016A4616CBBD~-1~YAAQEmrcF4HEsX+EAQAAM5oUughfG7lwMkk1xZM787YPygXo9XKOGJs+UWAHX6o9kFeRwTd0gMbV/7W+knlD0NrFdjiraQxSJlRTcZ3QyI2ABp3WLjUeTTx9K6Hihhxd7cmOw0/g6UWB35Zegluuf5Lor+y3CPS52nTaofB3RhYxNyzz7cPC8lju2HAZBjvqem5zssu0sJnQBJPDmkBbUUBDIe1DjNDozSS30k8lhh5nl+uOY/wF24dSMUIlRoDHY5yL1IClTNOziubmygG40xYUU7iBr7w97OjvFwf4gCBWFjLdFosoHwDxwvtOoHNoYs4VdKbqu9reqA3kOPbh/9uh0gXxujgtTrHCWH1ylKlmssLROjIGh1oaFsBBEi/8FWmFOaE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:43 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE114EBF3542A0D9C4C7F5339A9BC7551~YAAQEmrcF4LEsX+EAQAAM5oUuhEbfSbKw3icprRCil9MVpjH2SsXiiBQfwibfxu2cxB37mhwJrR7LsxBK/oFwiJfJtbAuE3tuuxe22ZZ383W9yf18lRxlDjQunydCV8LI69msqQwl0hXKubyVw51/NRq5UjvrSCatkdOUUsA0sg6Mmn0LcXf9hgcq1KSXxxZHzugvd8r8dinStYPqJO38PpUXthCKVa9M1jVZRG+l/NJO6BE1eT5g/bnC2wSGx7WtzsuWQaOrWGlV484P7DxufHqjJbGb5sFZmTd8JyVmH2b3Qdftu8BYYKu0BRh~4538949~3225157; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:42 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d85",
    "origin; dur\u003d181"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"Tn2Yof_IURlV_qMOcSlEpf-ZxPVHLRVHKhHUQYAneDM.SAfwpvaBSfK8CYavZXNoBlinAIyP9YwwEpUH6NuJbFH3nzCTimGmauik8V9MrNYwECipsQzOQHq19ddzZFSgfg.M18xNjY5NTY5MjIzXzE4","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTTgtRnVGOVdqQXN2Ql9PalpOUjFzdyIsImF1ZCI6WyI1YTg5NTllMC03Yzc4LTQyM2EtYjdmMC05OTkxOGUzNDM1ZGMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWwiOiJ0ZXN0QGlibS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY5NTc2NDIzLCJmYW1pbHlfbmFtZSI6IkRldiIsImdlbmRlciI6Ik1hbGUiLCJnaXZlbl9uYW1lIjoiSVNWIiwiaWF0IjoxNjY5NTY5MjIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1MGU1MWFlNi00NjJlLTQ2ZDEtODZmNC0yZGVmYjMyNDQ4MTAiLCJsb2NhbGUiOiJlbi1VUyIsIm1pZGRsZV9uYW1lIjoiTWlkZGxlTmFtZSIsIm5hbWUiOiJJU1YgRGV2Iiwibmlja25hbWUiOiJuaWNrbmFtZSIsIm5vbmNlIjoiWERES0NUTENaMCIsInBob25lX251bWJlciI6IjEyMzQ1Njc4OSIsInBob25lX251bWJlcl92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJwcm9maWxlIjoiRW5kLVVzZXIiLCJyYXQiOjE2Njk1NjkyMTgsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjlqU0tDNXU0YVlaQVdtYW1QQk5XNGciLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.ilaplfeIZ3KCx5Hq2EXrJfJY5SfaCJFa16JYPLfcjxD3tyIbKc9h0gw-_yVoiGETl847cR1NSz0W4zM0lzupE2SJXONgJieTKODiErEeDGeSGQKiqNgr8riUHdIFPbhnVCyrQlFXAq7s7TRB27SFFyp5AC2psVMOEmM6rzcZQS-_wsBMZNHUCh9_o-wC_PMLlhZEB6TIAZJ7UDiFdgnV1ySNnK-ss93NdpBJoRQqlpSAwTzGiUPnHIc4pjrJDxtOTw7oMt9P6BbzXT9AaKBc3LCpF8kwU9saCVS79zgab0FYnYTv7tenUXL8d2gYQfO_oPw2e3nxXuPUy82CCewjqg","scope":"openid profile","token_type":"bearer"}
2022-11-27 17:13:43 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
Tn2Yof_IURlV_qMOcSlEpf-ZxPVHLRVHKhHUQYAneDM.SAfwpvaBSfK8CYavZXNoBlinAIyP9YwwEpUH6NuJbFH3nzCTimGmauik8V9MrNYwECipsQzOQHq19ddzZFSgfg.M18xNjY5NTY5MjIzXzE4
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTTgtRnVGOVdqQXN2Ql9PalpOUjFzdyIsImF1ZCI6WyI1YTg5NTllMC03Yzc4LTQyM2EtYjdmMC05OTkxOGUzNDM1ZGMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWwiOiJ0ZXN0QGlibS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY5NTc2NDIzLCJmYW1pbHlfbmFtZSI6IkRldiIsImdlbmRlciI6Ik1hbGUiLCJnaXZlbl9uYW1lIjoiSVNWIiwiaWF0IjoxNjY5NTY5MjIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1MGU1MWFlNi00NjJlLTQ2ZDEtODZmNC0yZGVmYjMyNDQ4MTAiLCJsb2NhbGUiOiJlbi1VUyIsIm1pZGRsZV9uYW1lIjoiTWlkZGxlTmFtZSIsIm5hbWUiOiJJU1YgRGV2Iiwibmlja25hbWUiOiJuaWNrbmFtZSIsIm5vbmNlIjoiWERES0NUTENaMCIsInBob25lX251bWJlciI6IjEyMzQ1Njc4OSIsInBob25lX251bWJlcl92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJwcm9maWxlIjoiRW5kLVVzZXIiLCJyYXQiOjE2Njk1NjkyMTgsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjlqU0tDNXU0YVlaQVdtYW1QQk5XNGciLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.ilaplfeIZ3KCx5Hq2EXrJfJY5SfaCJFa16JYPLfcjxD3tyIbKc9h0gw-_yVoiGETl847cR1NSz0W4zM0lzupE2SJXONgJieTKODiErEeDGeSGQKiqNgr8riUHdIFPbhnVCyrQlFXAq7s7TRB27SFFyp5AC2psVMOEmM6rzcZQS-_wsBMZNHUCh9_o-wC_PMLlhZEB6TIAZJ7UDiFdgnV1ySNnK-ss93NdpBJoRQqlpSAwTzGiUPnHIc4pjrJDxtOTw7oMt9P6BbzXT9AaKBc3LCpF8kwU9saCVS79zgab0FYnYTv7tenUXL8d2gYQfO_oPw2e3nxXuPUy82CCewjqg
scope
openid profile
token_type
bearer
2022-11-27 17:13:43 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 17:13:43 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
Tn2Yof_IURlV_qMOcSlEpf-ZxPVHLRVHKhHUQYAneDM.SAfwpvaBSfK8CYavZXNoBlinAIyP9YwwEpUH6NuJbFH3nzCTimGmauik8V9MrNYwECipsQzOQHq19ddzZFSgfg.M18xNjY5NTY5MjIzXzE4
2022-11-27 17:13:43 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
Tn2Yof_IURlV_qMOcSlEpf-ZxPVHLRVHKhHUQYAneDM.SAfwpvaBSfK8CYavZXNoBlinAIyP9YwwEpUH6NuJbFH3nzCTimGmauik8V9MrNYwECipsQzOQHq19ddzZFSgfg.M18xNjY5NTY5MjIzXzE4
type
bearer
2022-11-27 17:13:43 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-11-27 17:13:43 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-11-27 17:13:43 INFO
CheckForRefreshTokenValue
Couldn't find refresh token
2022-11-27 17:13:43 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTTgtRnVGOVdqQXN2Ql9PalpOUjFzdyIsImF1ZCI6WyI1YTg5NTllMC03Yzc4LTQyM2EtYjdmMC05OTkxOGUzNDM1ZGMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWwiOiJ0ZXN0QGlibS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY5NTc2NDIzLCJmYW1pbHlfbmFtZSI6IkRldiIsImdlbmRlciI6Ik1hbGUiLCJnaXZlbl9uYW1lIjoiSVNWIiwiaWF0IjoxNjY5NTY5MjIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1MGU1MWFlNi00NjJlLTQ2ZDEtODZmNC0yZGVmYjMyNDQ4MTAiLCJsb2NhbGUiOiJlbi1VUyIsIm1pZGRsZV9uYW1lIjoiTWlkZGxlTmFtZSIsIm5hbWUiOiJJU1YgRGV2Iiwibmlja25hbWUiOiJuaWNrbmFtZSIsIm5vbmNlIjoiWERES0NUTENaMCIsInBob25lX251bWJlciI6IjEyMzQ1Njc4OSIsInBob25lX251bWJlcl92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJwcm9maWxlIjoiRW5kLVVzZXIiLCJyYXQiOjE2Njk1NjkyMTgsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjlqU0tDNXU0YVlaQVdtYW1QQk5XNGciLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.ilaplfeIZ3KCx5Hq2EXrJfJY5SfaCJFa16JYPLfcjxD3tyIbKc9h0gw-_yVoiGETl847cR1NSz0W4zM0lzupE2SJXONgJieTKODiErEeDGeSGQKiqNgr8riUHdIFPbhnVCyrQlFXAq7s7TRB27SFFyp5AC2psVMOEmM6rzcZQS-_wsBMZNHUCh9_o-wC_PMLlhZEB6TIAZJ7UDiFdgnV1ySNnK-ss93NdpBJoRQqlpSAwTzGiUPnHIc4pjrJDxtOTw7oMt9P6BbzXT9AaKBc3LCpF8kwU9saCVS79zgab0FYnYTv7tenUXL8d2gYQfO_oPw2e3nxXuPUy82CCewjqg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "M8-FuF9WjAsvB_OjZNR1sw",
  "sub": "6160017N67",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2022-11-23",
  "gender": "Male",
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "locale": "en-US",
  "acr": "1",
  "updated_at": 1669172854,
  "auth_time": 1669568408,
  "nickname": "nickname",
  "exp": 1669576423,
  "iat": 1669569223,
  "email": "test@ibm.com",
  "jti": "50e51ae6-462e-46d1-86f4-2defb3244810",
  "website": "www.ibm.com",
  "address": {
    "address": {
      "country": "US",
      "street_address": "1234 Hollywood Blvd.",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA"
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "email_verified": true,
  "rat": 1669569218,
  "profile": "End-User",
  "phone_number_verified": true,
  "given_name": "ISV",
  "middle_name": "MiddleName",
  "nonce": "XDDKCTLCZ0",
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "aud": "5a8959e0-7c78-423a-b7f0-99918e3435dc",
  "s_hash": "9jSKC5u4aYZAWmamPBNW4g",
  "name": "ISV Dev",
  "phone_number": "123456789",
  "family_name": "Dev"
}
2022-11-27 17:13:43 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
zoneinfo is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
gender is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
locale is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
updated_at is a number
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
nickname is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
email is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
website is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
Skipping unknown claim: address.address
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
Skipping unknown claim: address.phone_number
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
address is a valid object or contains invalid claims
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
email_verified is a boolean
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
profile is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
phone_number_verified is a boolean
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
given_name is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
middle_name is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
picture is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
phone_number is a string with content
2022-11-27 17:13:43
ValidateIdTokenStandardClaims
family_name is a string with content
2022-11-27 17:13:43 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 17:13:43 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
XDDKCTLCZ0
2022-11-27 17:13:43 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 17:13:43 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTTgtRnVGOVdqQXN2Ql9PalpOUjFzdyIsImF1ZCI6WyI1YTg5NTllMC03Yzc4LTQyM2EtYjdmMC05OTkxOGUzNDM1ZGMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWwiOiJ0ZXN0QGlibS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY5NTc2NDIzLCJmYW1pbHlfbmFtZSI6IkRldiIsImdlbmRlciI6Ik1hbGUiLCJnaXZlbl9uYW1lIjoiSVNWIiwiaWF0IjoxNjY5NTY5MjIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1MGU1MWFlNi00NjJlLTQ2ZDEtODZmNC0yZGVmYjMyNDQ4MTAiLCJsb2NhbGUiOiJlbi1VUyIsIm1pZGRsZV9uYW1lIjoiTWlkZGxlTmFtZSIsIm5hbWUiOiJJU1YgRGV2Iiwibmlja25hbWUiOiJuaWNrbmFtZSIsIm5vbmNlIjoiWERES0NUTENaMCIsInBob25lX251bWJlciI6IjEyMzQ1Njc4OSIsInBob25lX251bWJlcl92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJwcm9maWxlIjoiRW5kLVVzZXIiLCJyYXQiOjE2Njk1NjkyMTgsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjlqU0tDNXU0YVlaQVdtYW1QQk5XNGciLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.ilaplfeIZ3KCx5Hq2EXrJfJY5SfaCJFa16JYPLfcjxD3tyIbKc9h0gw-_yVoiGETl847cR1NSz0W4zM0lzupE2SJXONgJieTKODiErEeDGeSGQKiqNgr8riUHdIFPbhnVCyrQlFXAq7s7TRB27SFFyp5AC2psVMOEmM6rzcZQS-_wsBMZNHUCh9_o-wC_PMLlhZEB6TIAZJ7UDiFdgnV1ySNnK-ss93NdpBJoRQqlpSAwTzGiUPnHIc4pjrJDxtOTw7oMt9P6BbzXT9AaKBc3LCpF8kwU9saCVS79zgab0FYnYTv7tenUXL8d2gYQfO_oPw2e3nxXuPUy82CCewjqg
2022-11-27 17:13:43 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTTgtRnVGOVdqQXN2Ql9PalpOUjFzdyIsImF1ZCI6WyI1YTg5NTllMC03Yzc4LTQyM2EtYjdmMC05OTkxOGUzNDM1ZGMiXSwiYXV0aF90aW1lIjoxNjY5NTY4NDA4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWwiOiJ0ZXN0QGlibS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNjY5NTc2NDIzLCJmYW1pbHlfbmFtZSI6IkRldiIsImdlbmRlciI6Ik1hbGUiLCJnaXZlbl9uYW1lIjoiSVNWIiwiaWF0IjoxNjY5NTY5MjIzLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI1MGU1MWFlNi00NjJlLTQ2ZDEtODZmNC0yZGVmYjMyNDQ4MTAiLCJsb2NhbGUiOiJlbi1VUyIsIm1pZGRsZV9uYW1lIjoiTWlkZGxlTmFtZSIsIm5hbWUiOiJJU1YgRGV2Iiwibmlja25hbWUiOiJuaWNrbmFtZSIsIm5vbmNlIjoiWERES0NUTENaMCIsInBob25lX251bWJlciI6IjEyMzQ1Njc4OSIsInBob25lX251bWJlcl92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJwcm9maWxlIjoiRW5kLVVzZXIiLCJyYXQiOjE2Njk1NjkyMTgsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6IjlqU0tDNXU0YVlaQVdtYW1QQk5XNGciLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.ilaplfeIZ3KCx5Hq2EXrJfJY5SfaCJFa16JYPLfcjxD3tyIbKc9h0gw-_yVoiGETl847cR1NSz0W4zM0lzupE2SJXONgJieTKODiErEeDGeSGQKiqNgr8riUHdIFPbhnVCyrQlFXAq7s7TRB27SFFyp5AC2psVMOEmM6rzcZQS-_wsBMZNHUCh9_o-wC_PMLlhZEB6TIAZJ7UDiFdgnV1ySNnK-ss93NdpBJoRQqlpSAwTzGiUPnHIc4pjrJDxtOTw7oMt9P6BbzXT9AaKBc3LCpF8kwU9saCVS79zgab0FYnYTv7tenUXL8d2gYQfO_oPw2e3nxXuPUy82CCewjqg
2022-11-27 17:13:43 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 17:13:43
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 17:13:43 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Userinfo endpoint tests
2022-11-27 17:13:43
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer Tn2Yof_IURlV_qMOcSlEpf-ZxPVHLRVHKhHUQYAneDM.SAfwpvaBSfK8CYavZXNoBlinAIyP9YwwEpUH6NuJbFH3nzCTimGmauik8V9MrNYwECipsQzOQHq19ddzZFSgfg.M18xNjY5NTY5MjIzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:13:43 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc66dffd6-3ed1-4165-9cb2-e9689ecf3f5d",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839ac735144a31",
  "content-length": "890",
  "date": "Sun, 27 Nov 2022 17:13:43 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:eXD8l2upAa3qq+8JFmvq3adgAn57XipDD/kqqs53198\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dC27DE9490374EDDA0CFBE29F46D9F2EF~-1~YAAQEmrcF6rEsX+EAQAAT5wUugjblgwcadHnpS3X4bbhOVOMc2bCuwTwpdbBq+9I8zqwKcQ5xazSaj2jzoB1L5YMUemUZqyOcHUaXqW8+bO4dpS8qwhvg2+i2irHZxQ3JHV2dP2EgQB0vtOX/xGHijjEapSLO13EnudP5baBxmm9TzMFz1OuEzuddgSg1V6PqVuvfYxuHHlTO5tDbIGmj3igGO+fmW8ggmqORsBYXivdJUQ+ZvmmCgygURz5ldDI3Fci43E8Tb1Hla1aC91V8Reiwzi3ESzbK1LpHFa8x10f+Qf8isi5DGQM4VkM3Nn3vKXYSUGkeG414nm45n/FKpTmpzdyAPJo/2iba37YiE4Ti73SGsEQnRtbHmRNAAQmq6m9RKA\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:43 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE2EE3624C1B52B7FCAADB9B7C56CD91B~YAAQEmrcF6vEsX+EAQAAT5wUuhFMMWRGwjYep30wdShntFHzDd8kJE8H/VuAoR4zHeWyW6IV9okB+cWW6K5x4qUUuPiTH2px5yi3R+X0kcKHOzKkksK7Eolfn1XccPAsNJ7w5/MGn1yqff9pQEtiHD65GRwI7fOOvSxxVLXxFgSHpM0VYuykA7AI4W2kM/9ShAofgheaVviAyWkimX4ulwvyLvs9ZswlGcsPfbEe+UlTCHnJE61jfr+o3eL1lgBp9q8HbL06FjRKeatBaCwHKKjLnalVYJbMxh+yWDIctkmfWhg4VSJq1+L5+OjC~3487554~3617603; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:43 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d168",
    "origin; dur\u003d238"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["5a8959e0-7c78-423a-b7f0-99918e3435dc"],"auth_time":1669568408,"birthdate":"2022-11-23","email":"test@ibm.com","email_verified":true,"family_name":"Dev","gender":"Male","given_name":"ISV","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669569218,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 17:13:43 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc66dffd6-3ed1-4165-9cb2-e9689ecf3f5d",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839ac735144a31",
  "content-length": "890",
  "date": "Sun, 27 Nov 2022 17:13:43 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:eXD8l2upAa3qq+8JFmvq3adgAn57XipDD/kqqs53198\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dC27DE9490374EDDA0CFBE29F46D9F2EF~-1~YAAQEmrcF6rEsX+EAQAAT5wUugjblgwcadHnpS3X4bbhOVOMc2bCuwTwpdbBq+9I8zqwKcQ5xazSaj2jzoB1L5YMUemUZqyOcHUaXqW8+bO4dpS8qwhvg2+i2irHZxQ3JHV2dP2EgQB0vtOX/xGHijjEapSLO13EnudP5baBxmm9TzMFz1OuEzuddgSg1V6PqVuvfYxuHHlTO5tDbIGmj3igGO+fmW8ggmqORsBYXivdJUQ+ZvmmCgygURz5ldDI3Fci43E8Tb1Hla1aC91V8Reiwzi3ESzbK1LpHFa8x10f+Qf8isi5DGQM4VkM3Nn3vKXYSUGkeG414nm45n/FKpTmpzdyAPJo/2iba37YiE4Ti73SGsEQnRtbHmRNAAQmq6m9RKA\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:43 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE2EE3624C1B52B7FCAADB9B7C56CD91B~YAAQEmrcF6vEsX+EAQAAT5wUuhFMMWRGwjYep30wdShntFHzDd8kJE8H/VuAoR4zHeWyW6IV9okB+cWW6K5x4qUUuPiTH2px5yi3R+X0kcKHOzKkksK7Eolfn1XccPAsNJ7w5/MGn1yqff9pQEtiHD65GRwI7fOOvSxxVLXxFgSHpM0VYuykA7AI4W2kM/9ShAofgheaVviAyWkimX4ulwvyLvs9ZswlGcsPfbEe+UlTCHnJE61jfr+o3eL1lgBp9q8HbL06FjRKeatBaCwHKKjLnalVYJbMxh+yWDIctkmfWhg4VSJq1+L5+OjC~3487554~3617603; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:43 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d168",
    "origin; dur\u003d238"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["5a8959e0-7c78-423a-b7f0-99918e3435dc"],"auth_time":1669568408,"birthdate":"2022-11-23","email":"test@ibm.com","email_verified":true,"family_name":"Dev","gender":"Male","given_name":"ISV","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669569218,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 17:13:43 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 17:13:43
CallUserInfoEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer Tn2Yof_IURlV_qMOcSlEpf-ZxPVHLRVHKhHUQYAneDM.SAfwpvaBSfK8CYavZXNoBlinAIyP9YwwEpUH6NuJbFH3nzCTimGmauik8V9MrNYwECipsQzOQHq19ddzZFSgfg.M18xNjY5NTY5MjIzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:13:44 RESPONSE
CallUserInfoEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK5d7d35ef-79e8-42d6-94bc-3f1b1d3bf291",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839ac720451185",
  "content-length": "890",
  "date": "Sun, 27 Nov 2022 17:13:44 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:BL26IdLL09RoeJB7NGyPyZsatp66HN3JUEpw/t25zxY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d6B741F0FE1E25A4706FBD64041F7F35D~-1~YAAQEmrcF8nEsX+EAQAAi50UughgvutZZTEHf8at7TqgJjmZn55i42jxFtgpIqyPDIQnMYNMVVGF+7/M7Y8WmF5GERBZICYx0W8qC+jjbi7VBrUUeCMBvpaB2YJIE/kdg378JM2BDazFbsliTj34Pxk4oQzrS8yZn8sOzZeE/++sclLieJJ0k8zUWBBzJx6JPdQZ7l33eZrBwO9TyTtvb0NRhS7uszuYlDfzhH9tMfn8ddpizSMjPcytC8C5nHFztUcfII5/aNMvlzNPmvXCIt/ogzcfmINMyhhwwqxMNhpEWBoM/TdXU+7SDk0Kd1bgbyPFf1yaNrKqrgk3PIkirBenc/9DRFezvvAHxUAXahD071FvjonTa92CeS2MGAosreCobxE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:44 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d5FAF9791F6C37FAC8C99EBA889E65C06~YAAQEmrcF8rEsX+EAQAAjJ0UuhFtOqgjk2wfaH2r6tPYsfS/5ubCAFCQc0CXbkUONGqf8MWhLtk/bizPqFrIwKmeUDLjCEN3pjcPBXQk0dwzhURNZ0il7e7YLb09+tyNKbOxMy1qL15Evdxs/1spht7G+xdjDqKmuf8wJiSx2JUrFODuB0V8pyXBhLBzBzJK1E1F+pvriKeIp1+B+Te+xwYLmYlxsuL2zSipISImEaBPC+yKAvx6fzF90kvH6eIxkIl6OSnacMjnaNUOTbSgA3H7PK9qtMqnBh6IDXtHwoLJQk2qehkwpBaZTXeL~3487554~3617603; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:43 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d88",
    "origin; dur\u003d123"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["5a8959e0-7c78-423a-b7f0-99918e3435dc"],"auth_time":1669568408,"birthdate":"2022-11-23","email":"test@ibm.com","email_verified":true,"family_name":"Dev","gender":"Male","given_name":"ISV","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669569218,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 17:13:44 SUCCESS
CallUserInfoEndpoint
Got a response from the userinfo endpoint
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK5d7d35ef-79e8-42d6-94bc-3f1b1d3bf291",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163839ac720451185",
  "content-length": "890",
  "date": "Sun, 27 Nov 2022 17:13:44 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:BL26IdLL09RoeJB7NGyPyZsatp66HN3JUEpw/t25zxY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d6B741F0FE1E25A4706FBD64041F7F35D~-1~YAAQEmrcF8nEsX+EAQAAi50UughgvutZZTEHf8at7TqgJjmZn55i42jxFtgpIqyPDIQnMYNMVVGF+7/M7Y8WmF5GERBZICYx0W8qC+jjbi7VBrUUeCMBvpaB2YJIE/kdg378JM2BDazFbsliTj34Pxk4oQzrS8yZn8sOzZeE/++sclLieJJ0k8zUWBBzJx6JPdQZ7l33eZrBwO9TyTtvb0NRhS7uszuYlDfzhH9tMfn8ddpizSMjPcytC8C5nHFztUcfII5/aNMvlzNPmvXCIt/ogzcfmINMyhhwwqxMNhpEWBoM/TdXU+7SDk0Kd1bgbyPFf1yaNrKqrgk3PIkirBenc/9DRFezvvAHxUAXahD071FvjonTa92CeS2MGAosreCobxE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:44 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d5FAF9791F6C37FAC8C99EBA889E65C06~YAAQEmrcF8rEsX+EAQAAjJ0UuhFtOqgjk2wfaH2r6tPYsfS/5ubCAFCQc0CXbkUONGqf8MWhLtk/bizPqFrIwKmeUDLjCEN3pjcPBXQk0dwzhURNZ0il7e7YLb09+tyNKbOxMy1qL15Evdxs/1spht7G+xdjDqKmuf8wJiSx2JUrFODuB0V8pyXBhLBzBzJK1E1F+pvriKeIp1+B+Te+xwYLmYlxsuL2zSipISImEaBPC+yKAvx6fzF90kvH6eIxkIl6OSnacMjnaNUOTbSgA3H7PK9qtMqnBh6IDXtHwoLJQk2qehkwpBaZTXeL~3487554~3617603; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:43 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d88",
    "origin; dur\u003d123"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
status_code
{
  "code": 200
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["5a8959e0-7c78-423a-b7f0-99918e3435dc"],"auth_time":1669568408,"birthdate":"2022-11-23","email":"test@ibm.com","email_verified":true,"family_name":"Dev","gender":"Male","given_name":"ISV","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669569218,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 17:13:44 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 17:13:44 SUCCESS
ExtractUserInfoFromUserInfoEndpointResponse
Extracted user info
userinfo
{
  "acr": "1",
  "address": {
    "address": {
      "country": "US",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA",
      "street_address": "1234 Hollywood Blvd."
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "amr": [
    "password"
  ],
  "aud": [
    "5a8959e0-7c78-423a-b7f0-99918e3435dc"
  ],
  "auth_time": 1669568408,
  "birthdate": "2022-11-23",
  "email": "test@ibm.com",
  "email_verified": true,
  "family_name": "Dev",
  "gender": "Male",
  "given_name": "ISV",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "locale": "en-US",
  "middle_name": "MiddleName",
  "name": "ISV Dev",
  "nickname": "nickname",
  "phone_number": "123456789",
  "phone_number_verified": true,
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "preferred_username": "isvdev@ibm.com",
  "profile": "End-User",
  "rat": 1669569218,
  "realmName": "cloudIdentityRealm",
  "sub": "6160017N67",
  "updated_at": 1669172854,
  "website": "www.ibm.com",
  "zoneinfo": "America/Los_Angeles"
}
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: acr
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: address.address
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: address.phone_number
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
address is a valid object or contains invalid claims
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: amr
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: aud
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: auth_time
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
email is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
email_verified is a boolean
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
family_name is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
gender is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
given_name is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: iss
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
locale is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
middle_name is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
name is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
nickname is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
phone_number is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
phone_number_verified is a boolean
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
picture is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
preferred_username is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
profile is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: rat
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
Skipping unknown claim: realmName
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
sub is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
updated_at is a number
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
website is a string with content
2022-11-27 17:13:44
ValidateUserInfoStandardClaims
zoneinfo is a string with content
2022-11-27 17:13:44 SUCCESS
ValidateUserInfoStandardClaims
Userinfo is valid
2022-11-27 17:13:44 SUCCESS
EnsureUserInfoContainsSub
Found sub in userinfo
sub
6160017N67
2022-11-27 17:13:44 SUCCESS
EnsureUserInfoUpdatedAtValid
'updated_at' in userinfo response seems to be a valid time
updated_at
"Nov 23, 2022, 3:07:34 AM"
now
"Nov 27, 2022, 5:13:44 PM"
2022-11-27 17:13:44
EnsureMemberValuesInClaimNameReferenceToMemberNamesInClaimSources
userinfo response does not contain '_claim_names' nor _claim_sources'
2022-11-27 17:13:44 SUCCESS
VerifyUserInfoAndIdTokenInTokenEndpointSameSub
userinfo response and id_token sub are the same
sub_user_info
6160017N67
sub_id_token
6160017N67
2022-11-27 17:13:44 SUCCESS
VerifyScopesReturnedInUserInfoClaims
'claims' in userinfo contains all scope items of scope in authorization request (corresponds to scope standard claims)
actual_scope_items
[
  "acr",
  "address",
  "amr",
  "aud",
  "auth_time",
  "birthdate",
  "email",
  "email_verified",
  "family_name",
  "gender",
  "given_name",
  "iss",
  "locale",
  "middle_name",
  "name",
  "nickname",
  "phone_number",
  "phone_number_verified",
  "picture",
  "preferred_username",
  "profile",
  "rat",
  "realmName",
  "sub",
  "updated_at",
  "website",
  "zoneinfo"
]
expected_scope_items
[
  "sub",
  "name",
  "given_name",
  "family_name",
  "middle_name",
  "nickname",
  "profile",
  "picture",
  "website",
  "gender",
  "birthdate",
  "zoneinfo",
  "locale",
  "updated_at",
  "preferred_username"
]
2022-11-27 17:13:44 FINISHED
oidcc-scope-profile
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-27 17:13:44
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/5a8959e0-7c78-423a-b7f0-99918e3435dc
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer dKA1wb0rgf82u4Ue4Dqysp3PQffkXhLyFHXrKqrNvAQ.bPnSR5lunWyiz2SKo74a_KW4cNbYDkVVU1pGZk-_YravsGjyDxxbesw6n2e2orxqJllIU51VGjzL3GKDj6qoJw.M18xNjY5NTY5MTQwXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 17:13:45 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK4e9e89ac-6103-4ef5-b48e-8ae2997838e3",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163839ac820451655",
  "date": "Sun, 27 Nov 2022 17:13:45 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:v4GdK23XduPABpruCny6MMlDppcxcDVxdP7mM6JKBrs\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dDE7287EC4E0614E47B2B3515DB87F374~-1~YAAQEmrcFyTFsX+EAQAAO6QUughikO/Mv6S8eqn+I/XOEygLdem3aNdCxYy9XSXqDgre7yZWsyhBB8gKvw2wIfUbESZU36ej/Fe1Df/wYE6G8n/gFuIn836w+N3apIT0DV5ynQFbnarnIrUp6Gt5R7/HZxSBJGgClnLgIbsG6Ae5+jGEmBWTPJ8XpyLxsTDkETakgahve3OLhd2Dmg59bMVqq9dMNOCMzSlwjXh8sxMEYPilVy793a5yxC3M8XGyMMhR7PtXWAn+jKL9qou9RNfs2RbBt1W709LksLs/Tv7TNIS6AazhuCYPODKe8YzU5fWNu+wegJUbnsj79+jeKXhJPmt1cgAbiy8GJVs6oIbcy03lp7F+xYq5+lHkDpPK2cQr5Ps\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 17:13:45 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d777EB03D09F272503DB62C2C36815EDC~YAAQEmrcFyXFsX+EAQAAO6QUuhFGOjUh3RE8eba45mDN1rZV5V41xitdMY2OzaH4Zij7LOsDLCS2wVWirLYPxl75Hd/0geIvDy7lo6xkeegOlhmBOk/uTFByGXRWK8FJpTpJGe89lHT/E+QzC4jmQQNh+SbZEmRbKAx7NpQTzo55PKki4Pxf3IEpqAqiwvlp911/eOSak6jl09xlFpaIrSiVVxPbalHkMZLxwa4Uo443XHI2ezJ/wuYl3hVEMG8bK9TooDxf2BmN0MZ0Vy8bI1aI53oVu1R7Dx4+BzwwkSvq6lscsok/tfwTloVe~3556403~4604984; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 21:13:44 GMT; Max-Age\u003d14399; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-27 17:13:45 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-27 17:13:48
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
VwhcleFWGTc5VAs
Test Results