Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-23 05:48:55 INFO
TEST-RUNNER
Test instance YoM9pkSc6f1VU9p created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code token",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_static_client
planId
tFf7jwdaGAzXZ
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_id": "1dc791c1-a17e-4278-98b8-e9d107eb9b1c",
    "client_secret": "P7coVadr6f"
  },
  "client_secret_post": {
    "client_id": "90f139b9-4239-4749-9c9a-811fd04f8338",
    "client_secret": "qojhizMq6p"
  },
  "client2": {
    "client_id": "0123d59f-90a2-4fec-b777-31b8d4b25fed",
    "client_secret": "BEfL8THMYy"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_static_client"
}
testName
oidcc-scope-email
2022-11-23 05:48:55 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-23 05:48:55
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-23 05:48:56 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK2e73e4aa-4cdb-4c7f-ae37-8a4b31bf0af7",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44805603493",
  "vary": "Accept-Encoding",
  "date": "Wed, 23 Nov 2022 05:48:56 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:UiTwXw2xjn9f6oIL0DllruWo4rsMHI0ayAegV8y61U0\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA61910CC2C2276922B2AA011DD15364A~-1~YAAQ7fnerfbIKXyEAQAAEjoIowjPg6Af1ff6tut51X3ADonmqw4nOk7KxbDMr4Xz95hxG58+uQWr3P7BXdr+qXB7+lsDH4BxJDg7Vh7wbJKBsz2Lr/aY0taJhlP4odICosMAZfqCk3yHKvZAS8aOURSGyNi0nNrKnFzBFiabVxsyak68/13Y+yNK3LUfiGtTRd5dRWNl/a45sBkxiR2gnmDJBBngkUU6Ak3wOqjgkWLaPk1EG/OWWUoF96X3iKpDLJ/VuFp5Ba0f+2oFPSY4z8xymy9P+chhfOT4FPSjG74xPAxwhvVfracR51iDjdE4nnxPQX/tTOWmxF8dcE29bXR9ZKEVaoFD6TsVLgENUcDN0P8tRJclwUAryNARp+/m1/ySM98\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:48:56 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d2EC3B35833FC728F7C4B30EB19B72D6D~YAAQ7fnerffIKXyEAQAAEjoIoxFwb1NagYjrQwm7ShznQxPZYLHdcSm23PqzE+ED6oL1u2Y7Je4zwrtIzstr+aHRMrSH5RrQmXFf8+MSIpFo9O64oPg2itAvxCRPHkTxl5GNooXYrpDMnQFRTZuGUAxvuhO6l9tAem7XBJCybBuMeapd/qk01rNmt5swf8GEJUkP12OeUctOJs8HVUhklGAY4Dty2jR3VRqNc2crx1jTuVh0S5/OBnZQLWUmLDvasiaQpfFJ6yRMbninQQIzP6CdGM1Fy4TfcFeXiWkiIYK1QskcX1DMJur/ose7~3556166~3228483; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:48:55 GMT; Max-Age\u003d14399"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d142",
    "origin; dur\u003d91"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["realmName","email","given_name","tenantId","employee_id","department","job_title","preferred_username","groupIds","upn","uid","family_name","name","mobile_number","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-23 05:48:56 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "realmName",
  "email",
  "given_name",
  "tenantId",
  "employee_id",
  "department",
  "job_title",
  "preferred_username",
  "groupIds",
  "upn",
  "uid",
  "family_name",
  "name",
  "mobile_number",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-23 05:48:56 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-23 05:48:56 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-23 05:48:56
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-23 05:48:56
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-23 05:48:56 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK765e3938-aa15-42a9-aa02-fc7b993e07da",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44809876659",
  "vary": "Accept-Encoding",
  "date": "Wed, 23 Nov 2022 05:48:56 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:Yv9wUn/7AVjsXS3g+o1nIwzQpWFsZbACQZHJXcv0m9Q\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dE8B203CC1D1664ED1BC0C5ED9B20E27B~-1~YAAQ7fnerfnIKXyEAQAAdzsIowhAnzL1aH2ZrfKI/gQ+gUvMgjTjqQK838rO51oSsmgZe8fJ+CNrLSBA8zWN8HARu90wY6rL8ZoAUbSJXagA3mzeM5sqVFACXmt4qTZl0nLHkrM2aZH+NFpW90N0GgSHhAEvw4TCg+N5OttxGkmmCrrLBwzjBlAp2YL/OzwEsFWanqyBxAtZBqLsw95qneNX+Es7hz93VSgGLkfX0ZCDXuCTjIdLley9c6+keCAWa+LtgmWhLRlbea5YMHlhbVKastDbJsCK62F6AT9g24Z1Lst7T0tk1lAXA28ml3W1AkkLpls2wZxCopnGlS9b8cxQ1ltga4BKjeJ6CT8egMahEd/UTYSc7w3EZQQNl4xZUkdZwFk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:48:56 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d831EEA4D14BCC0E63CF5C85C67944400~YAAQ7fnerfrIKXyEAQAAdzsIoxG86PDegML6DmpIfkJKuRJuRYsSOEL6zIRQEt9kqpJRMil3yTpI2PQS3QWJl6UhnIRRz/dEjHEraoAW5cMuUovC0g0c+GDDRkydvuvDAcAnp7rkLTUqSWBz/J9Y06i1l2rcis2s/vFvW2kzDJGF5/eLd6m1pjbwSAEpW9p4gTAsRG0l8rveXXhwD3YdBMn75qqGN4qjF9Tm8ufiOdiyG1QSfj41Iz7YsWGVzJ1GdFV5ROSDJOdXBGeuOjushC+/HbgfZBhpnYhJ/yT7luZrh1Ajq+KEu7JyPOlW~4342839~3354937; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:48:56 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d93",
    "origin; dur\u003d197"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-23 05:48:56
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-23 05:48:56 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-23 05:48:56 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-23 05:48:56 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-23 05:48:56 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-23 05:48:56 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-23 05:48:56 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-23 05:48:56 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
1dc791c1-a17e-4278-98b8-e9d107eb9b1c
client_secret
P7coVadr6f
2022-11-23 05:48:56 INFO
ValidateClientJWKsPrivatePart
Skipped evaluation due to missing required element: client jwks
path
jwks
mapped
object
client
2022-11-23 05:48:56 INFO
ExtractJWKsFromStaticClientConfiguration
Skipped evaluation due to missing required element: client jwks
path
jwks
mapped
object
client
2022-11-23 05:48:56 INFO
CheckDistinctKeyIdValueInClientJWKs
Skipped evaluation due to missing required element: client jwks
path
jwks
mapped
object
client
2022-11-23 05:48:56
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-23 05:48:56 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-23 05:48:56
SetScopeInClientConfigurationToOpenIdEmail
Set scope in client configuration to "openid email"
scope
openid email
2022-11-23 05:48:56 SUCCESS
OIDCCCheckScopesSupportedContainScopeTest
'scopes_supported' in discovery document contain expected scopes
actual
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
expected
openid email
2022-11-23 05:48:56 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-23 05:48:56
oidcc-scope-email
Setup Done
Make request to authorization endpoint
2022-11-23 05:48:56 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
1dc791c1-a17e-4278-98b8-e9d107eb9b1c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
2022-11-23 05:48:56
CreateRandomStateValue
Created state value
requested_state_length
10
state
w1StDb8bau
2022-11-23 05:48:56 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
1dc791c1-a17e-4278-98b8-e9d107eb9b1c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
state
w1StDb8bau
2022-11-23 05:48:56
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
WR6dunQeSE
2022-11-23 05:48:56 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
1dc791c1-a17e-4278-98b8-e9d107eb9b1c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
state
w1StDb8bau
nonce
WR6dunQeSE
2022-11-23 05:48:56 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
1dc791c1-a17e-4278-98b8-e9d107eb9b1c
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
state
w1StDb8bau
nonce
WR6dunQeSE
response_type
code token
2022-11-23 05:48:56 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "1dc791c1-a17e-4278-98b8-e9d107eb9b1c",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid email",
  "state": "w1StDb8bau",
  "nonce": "WR6dunQeSE",
  "response_type": "code token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=1dc791c1-a17e-4278-98b8-e9d107eb9b1c&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20email&state=w1StDb8bau&nonce=WR6dunQeSE&response_type=code%20token
2022-11-23 05:48:56 REDIRECT
oidcc-scope-email
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=1dc791c1-a17e-4278-98b8-e9d107eb9b1c&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20email&state=w1StDb8bau&nonce=WR6dunQeSE&response_type=code%20token
2022-11-23 05:49:02 INCOMING
oidcc-scope-email
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://www.certification.openid.net/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669008266.1669169819.16; JSESSIONID\u003d4D796BBE98421D9BA4ADC06BB0F0AD31",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-23 05:49:02 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/XSzcZ40SUhKDAgfUWHbd",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/XSzcZ40SUhKDAgfUWHbd"
}
2022-11-23 05:49:02 OUTGOING
oidcc-scope-email
Response to HTTP request to test instance YoM9pkSc6f1VU9p
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/XSzcZ40SUhKDAgfUWHbd, returnUrl=/log-detail.html?log=YoM9pkSc6f1VU9p}]
outgoing_path
callback
2022-11-23 05:49:02 INCOMING
oidcc-scope-email
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/XSzcZ40SUhKDAgfUWHbd
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669008266.1669169819.16; JSESSIONID\u003d4D796BBE98421D9BA4ADC06BB0F0AD31",
  "connection": "close",
  "content-length": "447"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/XSzcZ40SUhKDAgfUWHbd
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=o2hngGY6BhdvxItojzQjGKMXeEgvYF5MRl6FvE3xq64.rUnq9FPEEcgCnFPv3x-UoEyz0mEVDPVLJwSWxNmjWPTfub9OOGgXomzVHO9VG9y8PXZvoOMWjyF47864v8djVg.M18xNjY5MTgyNTQxXzE4&code=K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA&expires_in=3600&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid+email&state=w1StDb8bau&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-23 05:49:02 OUTGOING
oidcc-scope-email
Response to HTTP request to test instance YoM9pkSc6f1VU9p
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/XSzcZ40SUhKDAgfUWHbd
2022-11-23 05:49:02
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "o2hngGY6BhdvxItojzQjGKMXeEgvYF5MRl6FvE3xq64.rUnq9FPEEcgCnFPv3x-UoEyz0mEVDPVLJwSWxNmjWPTfub9OOGgXomzVHO9VG9y8PXZvoOMWjyF47864v8djVg.M18xNjY5MTgyNTQxXzE4"
  },
  {
    "name": "code",
    "value": "K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA"
  },
  {
    "name": "expires_in",
    "value": "3600"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid email"
  },
  {
    "name": "state",
    "value": "w1StDb8bau"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-23 05:49:02 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
o2hngGY6BhdvxItojzQjGKMXeEgvYF5MRl6FvE3xq64.rUnq9FPEEcgCnFPv3x-UoEyz0mEVDPVLJwSWxNmjWPTfub9OOGgXomzVHO9VG9y8PXZvoOMWjyF47864v8djVg.M18xNjY5MTgyNTQxXzE4
code
K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA
expires_in
3600
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid email
state
w1StDb8bau
token_type
bearer
2022-11-23 05:49:02 REDIRECT-IN
oidcc-scope-email
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://www.certification.openid.net/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669008266.1669169819.16; JSESSIONID\u003d4D796BBE98421D9BA4ADC06BB0F0AD31",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "o2hngGY6BhdvxItojzQjGKMXeEgvYF5MRl6FvE3xq64.rUnq9FPEEcgCnFPv3x-UoEyz0mEVDPVLJwSWxNmjWPTfub9OOGgXomzVHO9VG9y8PXZvoOMWjyF47864v8djVg.M18xNjY5MTgyNTQxXzE4",
  "code": "K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA",
  "expires_in": "3600",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid email",
  "state": "w1StDb8bau",
  "token_type": "bearer"
}
post_body
Verify authorization endpoint response
2022-11-23 05:49:02 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-23 05:49:02 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-23 05:49:02 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-23 05:49:02 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-23 05:49:02 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-23 05:49:02 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
w1StDb8bau
2022-11-23 05:49:02 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA
2022-11-23 05:49:02 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
o2hngGY6BhdvxItojzQjGKMXeEgvYF5MRl6FvE3xq64.rUnq9FPEEcgCnFPv3x-UoEyz0mEVDPVLJwSWxNmjWPTfub9OOGgXomzVHO9VG9y8PXZvoOMWjyF47864v8djVg.M18xNjY5MTgyNTQxXzE4
type
bearer
Userinfo endpoint tests
2022-11-23 05:49:02
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer o2hngGY6BhdvxItojzQjGKMXeEgvYF5MRl6FvE3xq64.rUnq9FPEEcgCnFPv3x-UoEyz0mEVDPVLJwSWxNmjWPTfub9OOGgXomzVHO9VG9y8PXZvoOMWjyF47864v8djVg.M18xNjY5MTgyNTQxXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-23 05:49:02 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK6e8d0576-abd7-4d0f-b84b-4b23b86f8a84",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44e21e722b1",
  "content-length": "828",
  "date": "Wed, 23 Nov 2022 05:49:02 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:LjHYfhWkFfSDOo7K1JoxNxMrftNRr0ROOCmsrS6a5D8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d275E436B8FBE68A090C42A239255A248~-1~YAAQ7fnerQnJKXyEAQAAB1QIowhGo90bn4yqyptKOPM2KURSdiYNkwA6y5igmxL0xVRogyy7y1SXtv/ygJw8INfydz0LDkUf25GNWpFT1LxsfjQyvdMVZoKbismDcl24ZTZomvd80u2p+pkJ2nRnIIFfAVXGHDwImPagXTuceF69eenQdCOIAiBDm6BnjHaQe52kJ2yTzQGdM0xfO5J429SOEeatBANKUkqWjnkLwSHXILAM0/k1wd0WskDmvBH5RdIMt7JEKw/bzt4jR4Qp032SH/7cLuR6TUhAq8MfzZthLhgzWekoGCD0w8mlM/SvVxvbcPCAb7pUTTIwOEcdU8AzhMOcgHkUwN2CPwQ8ooZRXEZUv8Cu1d6Uzp4nDXybVw4zlBs\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:02 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dAAA0DBF848DCE6F8C000F755FB8127D7~YAAQ7fnerQrJKXyEAQAAB1QIoxFSF1+ErjkR9ZQ5YoiBeqYy+INo04cmAL9yi51zW09A4PuQ1yUF8jx40QAtIK9KQPcYUZi5WWf4zLL/FSxgWSuWuLx/QLa9kB2gMDS3mVHcNvZkruILejKXRWOKfe/omY5jpNy1SfMtINEt37pawYG25E4K2bccpxc2t8zqAom/yXOik7QXrFFk0GmALcPfNG797prI6VO8DOgizlopFCTUT3hNUp7DHA+wQl1m9YM4+MVtYmch4Ucg0jPCuWF5ljHFzGxn/rtgfZlNCGTBgSyiGd7uese9acvi~4339760~3420229; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:02 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d109"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["1dc791c1-a17e-4278-98b8-e9d107eb9b1c"],"auth_time":1669181676,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669182541,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-23 05:49:02 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK6e8d0576-abd7-4d0f-b84b-4b23b86f8a84",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44e21e722b1",
  "content-length": "828",
  "date": "Wed, 23 Nov 2022 05:49:02 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:LjHYfhWkFfSDOo7K1JoxNxMrftNRr0ROOCmsrS6a5D8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d275E436B8FBE68A090C42A239255A248~-1~YAAQ7fnerQnJKXyEAQAAB1QIowhGo90bn4yqyptKOPM2KURSdiYNkwA6y5igmxL0xVRogyy7y1SXtv/ygJw8INfydz0LDkUf25GNWpFT1LxsfjQyvdMVZoKbismDcl24ZTZomvd80u2p+pkJ2nRnIIFfAVXGHDwImPagXTuceF69eenQdCOIAiBDm6BnjHaQe52kJ2yTzQGdM0xfO5J429SOEeatBANKUkqWjnkLwSHXILAM0/k1wd0WskDmvBH5RdIMt7JEKw/bzt4jR4Qp032SH/7cLuR6TUhAq8MfzZthLhgzWekoGCD0w8mlM/SvVxvbcPCAb7pUTTIwOEcdU8AzhMOcgHkUwN2CPwQ8ooZRXEZUv8Cu1d6Uzp4nDXybVw4zlBs\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:02 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dAAA0DBF848DCE6F8C000F755FB8127D7~YAAQ7fnerQrJKXyEAQAAB1QIoxFSF1+ErjkR9ZQ5YoiBeqYy+INo04cmAL9yi51zW09A4PuQ1yUF8jx40QAtIK9KQPcYUZi5WWf4zLL/FSxgWSuWuLx/QLa9kB2gMDS3mVHcNvZkruILejKXRWOKfe/omY5jpNy1SfMtINEt37pawYG25E4K2bccpxc2t8zqAom/yXOik7QXrFFk0GmALcPfNG797prI6VO8DOgizlopFCTUT3hNUp7DHA+wQl1m9YM4+MVtYmch4Ucg0jPCuWF5ljHFzGxn/rtgfZlNCGTBgSyiGd7uese9acvi~4339760~3420229; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:02 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d109"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["1dc791c1-a17e-4278-98b8-e9d107eb9b1c"],"auth_time":1669181676,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669182541,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-23 05:49:02 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-23 05:49:02 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-23 05:49:02 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic MWRjNzkxYzEtYTE3ZS00Mjc4LTk4YjgtZTlkMTA3ZWI5YjFjOlA3Y29WYWRyNmY=
2022-11-23 05:49:02
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic MWRjNzkxYzEtYTE3ZS00Mjc4LTk4YjgtZTlkMTA3ZWI5YjFjOlA3Y29WYWRyNmY\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=K4c9kRPU2KdXWCcmkWEDfbH6cqE6fFiJTIQ83lAcQ3s.5S2DN41lXSUKEuNMzL0bLvZpPL8tAhFqH8H51oJna3cY5cNO8yn5wS50SrKQdvSIYQ83s99FYJt7xpw430Y2dA&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-23 05:49:03 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK5277b019-4171-49d9-83f2-0f00f23e214a",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281637db44f05602603",
  "content-length": "2176",
  "date": "Wed, 23 Nov 2022 05:49:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:KLFCIPThfiSEvtdrTDPhs+38Hd0HNV37G6W+Danrnv8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9F36A3A236BB773AB2BDE96B89498087~-1~YAAQ7fnerQvJKXyEAQAARlUIowhYvx12J+hWF5FLB5TJ5h+ZIJt4as6bcP4sn06pyUE0o2eI5U+wdLipQJ0FuLG0pi1vhSaqYcSfv7MYIiQ2ao4nQI2QKObxhuidz2F5s/v+p7feTHaCgVrj/DzOB3pw7syBareamolUQvTamtH9ynzmZxGNWXc/CNV5ovADQ5bzK9bXP9L7DKaBu1yWo3c4TIUbttFqwTrR75MNnol8wqAwSESSmdZ+twYaUX+taYtiqElxhU7QSMB6Nz6p7KcZavmugDjL/ql04T6NZCKzfQGK0qAQE3EhozZ5FeyuBMTXNTsIPziaNqnBD/ozRLIt4BQm+KlEyao/UJd73TCi4yX0SV/9JjfxAO5A7PywFast6iw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dE6955AE6EA48DFBD52C2371C02EB227B~YAAQ7fnerQzJKXyEAQAARlUIoxGEQSTDvOKSedMn/olysIyk4IisVmXpHzUa5WglHD7zrr+ilPVkj3uFf2hkXSGObD6iztLGr5lqsjDQOXDZes4sO6/iQfNUBMy3L/4mKnwZC45mXSMhHJCYoGDZezRk28giYU7w+yZDHVKLv3uWyvJ3VNqmwHaOGNt5ST/ZVb89BAo6OY3AE0AAeLhmFEH9db1XPGpyUmloD9W21fbBTwhDjug4WImvcJevY9MJReS0prZls+M2TqxwnBQ2UgRnw8f0DE32kdNuQAw6oF55pUIi5hLTgGukAxHs~4339760~3420229; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:02 GMT; Max-Age\u003d14399"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d94",
    "origin; dur\u003d160"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"JTsJ23P4Qz3nFrKb8f4huWe1rVlnPDna7LbLwkaZI6g.5ielMN73x1ul5FaUv6SWoNa4wNJv0qH-9ye3DeJPLaKcQniac1J7iI44L_VTuSbThPDAKYxeqxSrtyS5QTZnBA.M18xNjY5MTgyNTQzXzE4","expires_in":3599,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTVQ2cllyTFQxUjZWYk5DR1Q5czBqZyIsImF1ZCI6WyIxZGM3OTFjMS1hMTdlLTQyNzgtOThiOC1lOWQxMDdlYjliMWMiXSwiYXV0aF90aW1lIjoxNjY5MTgxNjc2LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTE4OTc0MywiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTE4MjU0MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZjIzNTI2NzAtYzQwYi00Y2UwLWI5NTAtNTMxZDQ1OGFkYzMyIiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6IldSNmR1blFlU0UiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5MTgyNTQxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVjh2Z1ZVbFZGMEFSbU9EWFZQZUdzdyIsInNfaGFzaCI6Im9oak13c29IVmZaZWFPaWVnZVZOT0EiLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.LoJA_sBvnroiBGN6brzg_OD5BRRcBoo0Zt65vlsAL8o3T6G4ufO5RUslnCjkIlzEIxttuOk8qmf1Ia8oUl6ZL8PHybN43iQIK1PV4ALlp-Zn6cnApMvSkiaLU44AyXP2L9zQbOjJ4iImH5AQw-Yl-xdfAo0LbIRmg1YZHT8wkMu-Mh32zKTMn99YIUflXqqX8jn1hgTAcfdAKsxGkCdh_1U10RVxNDxIn88-m1ASTyzFyIIa82dw4armX5JnWwWjo7AmQjxn1yv9IggiNdJ9yMre_7QhFIwtcgRXufSNgHzrWi4W2mYomGLvMiLUMfDb9-PqX6OOUejb91Zz2z_CTg","refresh_token":"e25uRb46FZP_CvdzXmOosudhYdzaC3_C3qbnl4tNbLk.Id37spzO1gp13kclkhXBQux8RP-rmAy81s__0SXxCOD1BIX2Df0wENdidoc7Hon550tLpsL7x1yGai2DsAQu5g.M18xNjY5MTgyNTQzXzE4","scope":"openid email","token_type":"bearer"}
2022-11-23 05:49:03 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
JTsJ23P4Qz3nFrKb8f4huWe1rVlnPDna7LbLwkaZI6g.5ielMN73x1ul5FaUv6SWoNa4wNJv0qH-9ye3DeJPLaKcQniac1J7iI44L_VTuSbThPDAKYxeqxSrtyS5QTZnBA.M18xNjY5MTgyNTQzXzE4
expires_in
3599
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTVQ2cllyTFQxUjZWYk5DR1Q5czBqZyIsImF1ZCI6WyIxZGM3OTFjMS1hMTdlLTQyNzgtOThiOC1lOWQxMDdlYjliMWMiXSwiYXV0aF90aW1lIjoxNjY5MTgxNjc2LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTE4OTc0MywiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTE4MjU0MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZjIzNTI2NzAtYzQwYi00Y2UwLWI5NTAtNTMxZDQ1OGFkYzMyIiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6IldSNmR1blFlU0UiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5MTgyNTQxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVjh2Z1ZVbFZGMEFSbU9EWFZQZUdzdyIsInNfaGFzaCI6Im9oak13c29IVmZaZWFPaWVnZVZOT0EiLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.LoJA_sBvnroiBGN6brzg_OD5BRRcBoo0Zt65vlsAL8o3T6G4ufO5RUslnCjkIlzEIxttuOk8qmf1Ia8oUl6ZL8PHybN43iQIK1PV4ALlp-Zn6cnApMvSkiaLU44AyXP2L9zQbOjJ4iImH5AQw-Yl-xdfAo0LbIRmg1YZHT8wkMu-Mh32zKTMn99YIUflXqqX8jn1hgTAcfdAKsxGkCdh_1U10RVxNDxIn88-m1ASTyzFyIIa82dw4armX5JnWwWjo7AmQjxn1yv9IggiNdJ9yMre_7QhFIwtcgRXufSNgHzrWi4W2mYomGLvMiLUMfDb9-PqX6OOUejb91Zz2z_CTg
refresh_token
e25uRb46FZP_CvdzXmOosudhYdzaC3_C3qbnl4tNbLk.Id37spzO1gp13kclkhXBQux8RP-rmAy81s__0SXxCOD1BIX2Df0wENdidoc7Hon550tLpsL7x1yGai2DsAQu5g.M18xNjY5MTgyNTQzXzE4
scope
openid email
token_type
bearer
2022-11-23 05:49:03 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-23 05:49:03 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
JTsJ23P4Qz3nFrKb8f4huWe1rVlnPDna7LbLwkaZI6g.5ielMN73x1ul5FaUv6SWoNa4wNJv0qH-9ye3DeJPLaKcQniac1J7iI44L_VTuSbThPDAKYxeqxSrtyS5QTZnBA.M18xNjY5MTgyNTQzXzE4
2022-11-23 05:49:03 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
JTsJ23P4Qz3nFrKb8f4huWe1rVlnPDna7LbLwkaZI6g.5ielMN73x1ul5FaUv6SWoNa4wNJv0qH-9ye3DeJPLaKcQniac1J7iI44L_VTuSbThPDAKYxeqxSrtyS5QTZnBA.M18xNjY5MTgyNTQzXzE4
type
bearer
2022-11-23 05:49:03 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3599
2022-11-23 05:49:03 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3599
2022-11-23 05:49:03 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
e25uRb46FZP_CvdzXmOosudhYdzaC3_C3qbnl4tNbLk.Id37spzO1gp13kclkhXBQux8RP-rmAy81s__0SXxCOD1BIX2Df0wENdidoc7Hon550tLpsL7x1yGai2DsAQu5g.M18xNjY5MTgyNTQzXzE4
2022-11-23 05:49:03 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTVQ2cllyTFQxUjZWYk5DR1Q5czBqZyIsImF1ZCI6WyIxZGM3OTFjMS1hMTdlLTQyNzgtOThiOC1lOWQxMDdlYjliMWMiXSwiYXV0aF90aW1lIjoxNjY5MTgxNjc2LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTE4OTc0MywiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTE4MjU0MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZjIzNTI2NzAtYzQwYi00Y2UwLWI5NTAtNTMxZDQ1OGFkYzMyIiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6IldSNmR1blFlU0UiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5MTgyNTQxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVjh2Z1ZVbFZGMEFSbU9EWFZQZUdzdyIsInNfaGFzaCI6Im9oak13c29IVmZaZWFPaWVnZVZOT0EiLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.LoJA_sBvnroiBGN6brzg_OD5BRRcBoo0Zt65vlsAL8o3T6G4ufO5RUslnCjkIlzEIxttuOk8qmf1Ia8oUl6ZL8PHybN43iQIK1PV4ALlp-Zn6cnApMvSkiaLU44AyXP2L9zQbOjJ4iImH5AQw-Yl-xdfAo0LbIRmg1YZHT8wkMu-Mh32zKTMn99YIUflXqqX8jn1hgTAcfdAKsxGkCdh_1U10RVxNDxIn88-m1ASTyzFyIIa82dw4armX5JnWwWjo7AmQjxn1yv9IggiNdJ9yMre_7QhFIwtcgRXufSNgHzrWi4W2mYomGLvMiLUMfDb9-PqX6OOUejb91Zz2z_CTg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "MT6rYrLT1R6VbNCGT9s0jg",
  "sub": "6160017N67",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2022-11-23",
  "gender": "Male",
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "locale": "en-US",
  "rt_hash": "V8vgVUlVF0ARmODXVPeGsw",
  "acr": "1",
  "updated_at": 1669172854,
  "auth_time": 1669181676,
  "nickname": "nickname",
  "exp": 1669189743,
  "iat": 1669182543,
  "jti": "f2352670-c40b-4ce0-b950-531d458adc32",
  "website": "www.ibm.com",
  "address": {
    "address": {
      "country": "US",
      "street_address": "1234 Hollywood Blvd.",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA"
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "email_verified": true,
  "rat": 1669182541,
  "profile": "End-User",
  "phone_number_verified": true,
  "middle_name": "MiddleName",
  "nonce": "WR6dunQeSE",
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "aud": "1dc791c1-a17e-4278-98b8-e9d107eb9b1c",
  "s_hash": "ohjMwsoHVfZeaOiegeVNOA",
  "name": "ISV Dev",
  "phone_number": "123456789"
}
2022-11-23 05:49:03 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
zoneinfo is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
gender is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
locale is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
updated_at is a number
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
nickname is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
website is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
Skipping unknown claim: address.address
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
Skipping unknown claim: address.phone_number
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
address is a valid object or contains invalid claims
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
email_verified is a boolean
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
profile is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
phone_number_verified is a boolean
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
middle_name is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
picture is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
name is a string with content
2022-11-23 05:49:03
ValidateIdTokenStandardClaims
phone_number is a string with content
2022-11-23 05:49:03 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-23 05:49:03 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
WR6dunQeSE
2022-11-23 05:49:03 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-23 05:49:03 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTVQ2cllyTFQxUjZWYk5DR1Q5czBqZyIsImF1ZCI6WyIxZGM3OTFjMS1hMTdlLTQyNzgtOThiOC1lOWQxMDdlYjliMWMiXSwiYXV0aF90aW1lIjoxNjY5MTgxNjc2LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTE4OTc0MywiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTE4MjU0MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZjIzNTI2NzAtYzQwYi00Y2UwLWI5NTAtNTMxZDQ1OGFkYzMyIiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6IldSNmR1blFlU0UiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5MTgyNTQxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVjh2Z1ZVbFZGMEFSbU9EWFZQZUdzdyIsInNfaGFzaCI6Im9oak13c29IVmZaZWFPaWVnZVZOT0EiLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.LoJA_sBvnroiBGN6brzg_OD5BRRcBoo0Zt65vlsAL8o3T6G4ufO5RUslnCjkIlzEIxttuOk8qmf1Ia8oUl6ZL8PHybN43iQIK1PV4ALlp-Zn6cnApMvSkiaLU44AyXP2L9zQbOjJ4iImH5AQw-Yl-xdfAo0LbIRmg1YZHT8wkMu-Mh32zKTMn99YIUflXqqX8jn1hgTAcfdAKsxGkCdh_1U10RVxNDxIn88-m1ASTyzFyIIa82dw4armX5JnWwWjo7AmQjxn1yv9IggiNdJ9yMre_7QhFIwtcgRXufSNgHzrWi4W2mYomGLvMiLUMfDb9-PqX6OOUejb91Zz2z_CTg
2022-11-23 05:49:03 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiTVQ2cllyTFQxUjZWYk5DR1Q5czBqZyIsImF1ZCI6WyIxZGM3OTFjMS1hMTdlLTQyNzgtOThiOC1lOWQxMDdlYjliMWMiXSwiYXV0aF90aW1lIjoxNjY5MTgxNjc2LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTE4OTc0MywiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTE4MjU0MywiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiZjIzNTI2NzAtYzQwYi00Y2UwLWI5NTAtNTMxZDQ1OGFkYzMyIiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6IldSNmR1blFlU0UiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5MTgyNTQxLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVjh2Z1ZVbFZGMEFSbU9EWFZQZUdzdyIsInNfaGFzaCI6Im9oak13c29IVmZaZWFPaWVnZVZOT0EiLCJzdWIiOiI2MTYwMDE3TjY3IiwidXBkYXRlZF9hdCI6MTY2OTE3Mjg1NCwid2Vic2l0ZSI6Ind3dy5pYm0uY29tIiwiem9uZWluZm8iOiJBbWVyaWNhL0xvc19BbmdlbGVzIn0.LoJA_sBvnroiBGN6brzg_OD5BRRcBoo0Zt65vlsAL8o3T6G4ufO5RUslnCjkIlzEIxttuOk8qmf1Ia8oUl6ZL8PHybN43iQIK1PV4ALlp-Zn6cnApMvSkiaLU44AyXP2L9zQbOjJ4iImH5AQw-Yl-xdfAo0LbIRmg1YZHT8wkMu-Mh32zKTMn99YIUflXqqX8jn1hgTAcfdAKsxGkCdh_1U10RVxNDxIn88-m1ASTyzFyIIa82dw4armX5JnWwWjo7AmQjxn1yv9IggiNdJ9yMre_7QhFIwtcgRXufSNgHzrWi4W2mYomGLvMiLUMfDb9-PqX6OOUejb91Zz2z_CTg
2022-11-23 05:49:03 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-23 05:49:03
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-23 05:49:03 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-23 05:49:03 WARNING
EnsureIdTokenDoesNotContainName
Unexpectedly found name in id_token. The conformance suite did not request the 'name' claim is returned in the id_token and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
name
ISV Dev
2022-11-23 05:49:03 SUCCESS
EnsureIdTokenDoesNotContainEmailForScopeEmail
email claim not found in id_token, which is expected as it was not requested to be returned there
Userinfo endpoint tests
2022-11-23 05:49:03
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer JTsJ23P4Qz3nFrKb8f4huWe1rVlnPDna7LbLwkaZI6g.5ielMN73x1ul5FaUv6SWoNa4wNJv0qH-9ye3DeJPLaKcQniac1J7iI44L_VTuSbThPDAKYxeqxSrtyS5QTZnBA.M18xNjY5MTgyNTQzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-23 05:49:03 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKace855d5-778b-4032-a347-3c2b5c243af1",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44f05603803",
  "content-length": "828",
  "date": "Wed, 23 Nov 2022 05:49:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:DR/YG3ENu/rcl68F1k4C9lVIiTA8ZYzXPBQggb57SDM\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB2E11540B76AE17407D467EE77143C9B~-1~YAAQ7fnerQ3JKXyEAQAAaVYIowiXiUXbybnUJxVbiN7lUG6KzHzjWj2t7jYhFuwdjkrVMvoa8NcKwHO13lS6pZQo0xo5nG4uF9l4dX+dEX3OIU2XS4T7p0CExEvEORCgc+JG8z2X89GcI6qk/ayHkaL3tnQ6r2eu30v2FTpyHBOMo8Q7jtKVocrwVvoz6D3tyP2z5aau0HVhAvgEmVhM/WU6GPcaxUbzOALgr+j+s4/aLIPvN8+Mx0khGcpv17TayraEDGWD80VXpz4VH+JDE6yB/ReujEVZDnEOBkeYmtPPaIFfdYEMlJT8z06bcUXWMTEHyRvjkdWgi4VoMruvt8z+AUXnL5ttsPEN8eMxFsyRu8adtJXrBkGzfOyCIti8RoZ3W88\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dAA44FA1CC4E5DB2455D24A45F7D5DBBB~YAAQ7fnerQ7JKXyEAQAAaVYIoxGMI7ZNI44us9sDQjXcmObJo40wa+nx9NBAaNPyyVrKDZu29ddRP4zmHzz5ppV/kXUABHND8yKqvEK6z1lTRSROyOIc2k7uHkVGc+Q5+KoemCtdg+EevUU9Grs8W0hc+rOCQlkczALEHTNNXvpNaqIqSW5YvacgyOdeqqwW2gvvb8put5yZP/A440214gVfZ9Xj7lMzMlotVq1ulP6693vLdgmuoLU2ziJquQZn//VWazQe6+vUxX8TtESu6L6EriL5IGAG8xVHflxCNEhQNOe9JuYnQIgcrVd4~3555633~4536116; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:03 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d91",
    "origin; dur\u003d113"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["1dc791c1-a17e-4278-98b8-e9d107eb9b1c"],"auth_time":1669181676,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669182541,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-23 05:49:03 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKace855d5-778b-4032-a347-3c2b5c243af1",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44f05603803",
  "content-length": "828",
  "date": "Wed, 23 Nov 2022 05:49:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:DR/YG3ENu/rcl68F1k4C9lVIiTA8ZYzXPBQggb57SDM\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dB2E11540B76AE17407D467EE77143C9B~-1~YAAQ7fnerQ3JKXyEAQAAaVYIowiXiUXbybnUJxVbiN7lUG6KzHzjWj2t7jYhFuwdjkrVMvoa8NcKwHO13lS6pZQo0xo5nG4uF9l4dX+dEX3OIU2XS4T7p0CExEvEORCgc+JG8z2X89GcI6qk/ayHkaL3tnQ6r2eu30v2FTpyHBOMo8Q7jtKVocrwVvoz6D3tyP2z5aau0HVhAvgEmVhM/WU6GPcaxUbzOALgr+j+s4/aLIPvN8+Mx0khGcpv17TayraEDGWD80VXpz4VH+JDE6yB/ReujEVZDnEOBkeYmtPPaIFfdYEMlJT8z06bcUXWMTEHyRvjkdWgi4VoMruvt8z+AUXnL5ttsPEN8eMxFsyRu8adtJXrBkGzfOyCIti8RoZ3W88\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dAA44FA1CC4E5DB2455D24A45F7D5DBBB~YAAQ7fnerQ7JKXyEAQAAaVYIoxGMI7ZNI44us9sDQjXcmObJo40wa+nx9NBAaNPyyVrKDZu29ddRP4zmHzz5ppV/kXUABHND8yKqvEK6z1lTRSROyOIc2k7uHkVGc+Q5+KoemCtdg+EevUU9Grs8W0hc+rOCQlkczALEHTNNXvpNaqIqSW5YvacgyOdeqqwW2gvvb8put5yZP/A440214gVfZ9Xj7lMzMlotVq1ulP6693vLdgmuoLU2ziJquQZn//VWazQe6+vUxX8TtESu6L6EriL5IGAG8xVHflxCNEhQNOe9JuYnQIgcrVd4~3555633~4536116; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:03 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d91",
    "origin; dur\u003d113"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["1dc791c1-a17e-4278-98b8-e9d107eb9b1c"],"auth_time":1669181676,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669182541,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-23 05:49:03 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-23 05:49:03
CallUserInfoEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer JTsJ23P4Qz3nFrKb8f4huWe1rVlnPDna7LbLwkaZI6g.5ielMN73x1ul5FaUv6SWoNa4wNJv0qH-9ye3DeJPLaKcQniac1J7iI44L_VTuSbThPDAKYxeqxSrtyS5QTZnBA.M18xNjY5MTgyNTQzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-23 05:49:03 RESPONSE
CallUserInfoEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1777cf0d-7204-4332-a0f9-86f5053d0dd2",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44f05603823",
  "content-length": "828",
  "date": "Wed, 23 Nov 2022 05:49:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:b3OHkqoSyDYjq1QBwJLecpeGD+6biJodISGuZ8zeZWo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d7966CCBFC40CD3C1BCC92314D89A5ADF~-1~YAAQ7fnerQ/JKXyEAQAAdlcIowhvLBsxGdvlXbpbHIFVxcebsMQejefvdSgErfilQoYOGIyPIPkl7TaKAb5JGaH2qBiPeEOHYmNNm2w8koWqG0wNAc2DeIv66IEuUWsWPKCeM3yx+Xf3iJmvUqCGXGwYm+t/WNzgG9/7yGJSi+RE4VdY7gRhAu/PY3L63VkfSX8lMepSsuEElXhukco7X93FiMI/ym5ccexGJ+Pauw4ljKlQI1zjV5QxSEzWT0y8hznjKCYyZ+1zVeZEzW6HjF5dalhgumcXvWto0D9PYHj0hcQwKPkBgVrzZwLmpU1iTZk0Lfmj+n3v/ol7EsBnuJHfHhjY99TpbDY1BttkoophjN0qvDjrLHNqVx5U/T7hjkD+5N0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d50D31B2506051AB74382FF5FC0AFD5ED~YAAQ7fnerRDJKXyEAQAAdlcIoxHyq0SJslyJCwkvfwxlwbL6ZXlbZnC6LMsH/19QiQAoYjbNJfZDLjdRLgAQNJc4uf/keUjb13+ZhcpFS/AB0ZLg4yaBa/iCqKpON2HD8VEHRQ7v3RbKwnWtmn9HMu8ZWzvYooACYgn5Wcpi8qdcxfbZlIyfxN7i0YeJBwOpvY8jRMN2jk1S+OVnQV8G/N4hGtv1Uk3d0O/bdrracsyfaSTpa67jZYCNMhBdsHBHU1KC1uKjz7T4dCNBTYkczRzkrQoXpwvwGniCJCQ66C7sZ8lAB/R5quEUGs26~3555633~4536116; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:03 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d96",
    "origin; dur\u003d109"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["1dc791c1-a17e-4278-98b8-e9d107eb9b1c"],"auth_time":1669181676,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669182541,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-23 05:49:03 SUCCESS
CallUserInfoEndpoint
Got a response from the userinfo endpoint
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1777cf0d-7204-4332-a0f9-86f5053d0dd2",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281637db44f05603823",
  "content-length": "828",
  "date": "Wed, 23 Nov 2022 05:49:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:b3OHkqoSyDYjq1QBwJLecpeGD+6biJodISGuZ8zeZWo\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d7966CCBFC40CD3C1BCC92314D89A5ADF~-1~YAAQ7fnerQ/JKXyEAQAAdlcIowhvLBsxGdvlXbpbHIFVxcebsMQejefvdSgErfilQoYOGIyPIPkl7TaKAb5JGaH2qBiPeEOHYmNNm2w8koWqG0wNAc2DeIv66IEuUWsWPKCeM3yx+Xf3iJmvUqCGXGwYm+t/WNzgG9/7yGJSi+RE4VdY7gRhAu/PY3L63VkfSX8lMepSsuEElXhukco7X93FiMI/ym5ccexGJ+Pauw4ljKlQI1zjV5QxSEzWT0y8hznjKCYyZ+1zVeZEzW6HjF5dalhgumcXvWto0D9PYHj0hcQwKPkBgVrzZwLmpU1iTZk0Lfmj+n3v/ol7EsBnuJHfHhjY99TpbDY1BttkoophjN0qvDjrLHNqVx5U/T7hjkD+5N0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dThu, 23 Nov 2023 05:49:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d50D31B2506051AB74382FF5FC0AFD5ED~YAAQ7fnerRDJKXyEAQAAdlcIoxHyq0SJslyJCwkvfwxlwbL6ZXlbZnC6LMsH/19QiQAoYjbNJfZDLjdRLgAQNJc4uf/keUjb13+ZhcpFS/AB0ZLg4yaBa/iCqKpON2HD8VEHRQ7v3RbKwnWtmn9HMu8ZWzvYooACYgn5Wcpi8qdcxfbZlIyfxN7i0YeJBwOpvY8jRMN2jk1S+OVnQV8G/N4hGtv1Uk3d0O/bdrracsyfaSTpa67jZYCNMhBdsHBHU1KC1uKjz7T4dCNBTYkczRzkrQoXpwvwGniCJCQ66C7sZ8lAB/R5quEUGs26~3555633~4536116; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dWed, 23 Nov 2022 09:49:03 GMT; Max-Age\u003d14400"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d96",
    "origin; dur\u003d109"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
status_code
{
  "code": 200
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["1dc791c1-a17e-4278-98b8-e9d107eb9b1c"],"auth_time":1669181676,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669182541,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-23 05:49:03 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-23 05:49:03 SUCCESS
ExtractUserInfoFromUserInfoEndpointResponse
Extracted user info
userinfo
{
  "acr": "1",
  "address": {
    "address": {
      "country": "US",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA",
      "street_address": "1234 Hollywood Blvd."
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "amr": [
    "password"
  ],
  "aud": [
    "1dc791c1-a17e-4278-98b8-e9d107eb9b1c"
  ],
  "auth_time": 1669181676,
  "birthdate": "2022-11-23",
  "email_verified": true,
  "gender": "Male",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "locale": "en-US",
  "middle_name": "MiddleName",
  "name": "ISV Dev",
  "nickname": "nickname",
  "phone_number": "123456789",
  "phone_number_verified": true,
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "preferred_username": "isvdev@ibm.com",
  "profile": "End-User",
  "rat": 1669182541,
  "realmName": "cloudIdentityRealm",
  "sub": "6160017N67",
  "updated_at": 1669172854,
  "website": "www.ibm.com",
  "zoneinfo": "America/Los_Angeles"
}
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: acr
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: address.address
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: address.phone_number
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
address is a valid object or contains invalid claims
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: amr
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: aud
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: auth_time
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
email_verified is a boolean
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
gender is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: iss
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
locale is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
middle_name is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
name is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
nickname is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
phone_number is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
phone_number_verified is a boolean
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
picture is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
preferred_username is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
profile is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: rat
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
Skipping unknown claim: realmName
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
sub is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
updated_at is a number
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
website is a string with content
2022-11-23 05:49:03
ValidateUserInfoStandardClaims
zoneinfo is a string with content
2022-11-23 05:49:03 SUCCESS
ValidateUserInfoStandardClaims
Userinfo is valid
2022-11-23 05:49:03 SUCCESS
EnsureUserInfoContainsSub
Found sub in userinfo
sub
6160017N67
2022-11-23 05:49:03 SUCCESS
EnsureUserInfoUpdatedAtValid
'updated_at' in userinfo response seems to be a valid time
updated_at
"Nov 23, 2022, 3:07:34 AM"
now
"Nov 23, 2022, 5:49:03 AM"
2022-11-23 05:49:03
EnsureMemberValuesInClaimNameReferenceToMemberNamesInClaimSources
userinfo response does not contain '_claim_names' nor _claim_sources'
2022-11-23 05:49:03 SUCCESS
VerifyUserInfoAndIdTokenInTokenEndpointSameSub
userinfo response and id_token sub are the same
sub_user_info
6160017N67
sub_id_token
6160017N67
2022-11-23 05:49:03 WARNING
VerifyScopesReturnedInUserInfoClaims
'claims' in userinfo doesn't contain all scope items of scope in authorization request(corresponds to scope standard claims)
actual_scope_items
[
  "acr",
  "address",
  "amr",
  "aud",
  "auth_time",
  "birthdate",
  "email_verified",
  "gender",
  "iss",
  "locale",
  "middle_name",
  "name",
  "nickname",
  "phone_number",
  "phone_number_verified",
  "picture",
  "preferred_username",
  "profile",
  "rat",
  "realmName",
  "sub",
  "updated_at",
  "website",
  "zoneinfo"
]
missing_items
[
  "email"
]
expected_scope_items
[
  "sub",
  "email",
  "email_verified"
]
2022-11-23 05:49:03 WARNING
EnsureUserInfoDoesNotContainName
Unexpectedly found name in userinfo response. The conformance suite did not request the 'name' claim is returned and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
name
ISV Dev
2022-11-23 05:49:03 FINISHED
oidcc-scope-email
Test has run to completion
testmodule_result
WARNING
Unregister dynamically registered client
2022-11-23 05:49:03
UnregisterDynamicallyRegisteredClient
Couldn't find registration_access_token.
2022-11-23 05:49:10
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
uxGjEEdONedIiJd
Test Results