Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-27 18:19:07 INFO
TEST-RUNNER
Test instance F1zgX5W8ptviAUR created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token token",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
rdCLwWmseshp4
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-scope-email
2022-11-27 18:19:07 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 18:19:07
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:19:07 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKe9f15334-03b2-4e83-b333-6c4d5d75b698",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa1b10e3d579",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 18:19:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:gRNJjv3h9/WD3kX6fDjbzQ+JpZcWhRhcwnG4yARh1Ok\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3A3EFA1E67363CA4862C2A2B80D7A8B7~-1~YAAQ7fnerV73iHyEAQAA+npQuggQBkc/YiHQTWhnbt3elLV/sUeuVSweeARxIZSu53zNT+SMSfEqJZwDmHMPspZ1ozWta3R0aS+M7AHO/UFdXr7Flky7qQb814mVamgC/eV0M4NXcmP9cqhEu+ghccbBCx5uG+/EwFY/Z2Eawe03wW94VfFsoL+qdFmCO/Hb2oIXD93vG7yaDaSBe8cdgFjbkuqqUd3mWeud23xAIuGqZLSLavMG6xKwgWiUkhTTOALYFM6xDGl8Pm4op1TaujE8utIDWCfDOhcybiYVnIx4eNgSrFJqEJtuk7cTHfDqouV7eDewH4kDOMr4uRjPWExYAkosHxKm2N0Bbfi8xpOYVFDP2dWZMih5BCAfYHyigPwSJ1E\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:19:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9CC45305B70ACBDDCF13D7351557A60F~YAAQ7fnerV/3iHyEAQAA+npQuhHXwiMbYXSfQUBmbVE1MhN5qGTWxjaiPetO8wmtENlOKu6iq0yrWygJHfYLZ0Zh+IBcvnYaeKiUhpwG9KZSfvQgcsKWrF1kiaTnh9g8GteLBzzrnbnLjOBzxfzbbaE1bacCcLng5iAX67syoTx1Z5mPEKQ+9SFbl3U+fEmS0Yeuxs0hM3XCXmZVIj/lFbQB3wItr6TZ5nn6SGwRB0VxBT9mZgoth7O4zbZ4SPg2l2wCHfyY00Ky5fMmONv1EIaANDGEqDJ5a3/pTScaQPuD1rlOjiqu3O4OXSU/~4340018~3360307; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:19:07 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d131",
    "origin; dur\u003d133"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["mobile_number","job_title","preferred_username","email","given_name","family_name","employee_id","groupIds","uid","realmName","name","tenantId","department","upn","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-27 18:19:07 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "mobile_number",
  "job_title",
  "preferred_username",
  "email",
  "given_name",
  "family_name",
  "employee_id",
  "groupIds",
  "uid",
  "realmName",
  "name",
  "tenantId",
  "department",
  "upn",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-27 18:19:07 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-27 18:19:07 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-27 18:19:07
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-27 18:19:07
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:19:07 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKb0549397-54af-4b6a-a498-aafb63ad2ef5",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa1b2064ccf5",
  "vary": "Accept-Encoding",
  "date": "Sun, 27 Nov 2022 18:19:07 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bpmwMlUqdIIsPaOHtLpBukAPnsUN8rHkdXB7tnNMcCQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d9DD0E84A0311035E59F9FD3AEB532A6C~-1~YAAQ7fnerWD3iHyEAQAAB3xQugjhb0gOoiq7pDoNukb8MFqarj3a5RXOwke0aZt/GLnMMUAuCzC4ZTudHWIBCdORgHkBSmBpV/fOEfK/EWEimeSa7H7yYhiZaB6oickdjqgxQOb0357JIFOVTllroM6QjoRM+Yy7P0mpjJx460bVfHB7478F9717IaqCcP2USEMVP1gGaOJ8FQmlkFV4NfqwViwQJk9sBEwHNQzvhNPKpuv0wQCw1TQdMCILlCvcE90qULCC56noC1hGBfPUMM0x69kDj7XOZjf3XbjvBMfhhiBTnsa1iFcz5ggiuDDjDyD70bIsCUai0ERxV1P4EMqze0Qo6LfQnL1mzvnCzrAHdqgUM3FxQHUOyJxCyXbI6W/5zuE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:19:07 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA49AAC7A9C24EA9149088538B004D7B3~YAAQ7fnerWH3iHyEAQAAB3xQuhFqAh0Jr16OzXQ0h5TMGwyX/+weobDBYQ2ov/Xe/7ErGCAVvgssbaV/Ua2GIH3yP6VSDYLY9knLiWEdWfp17izk4ArRhc+tcm9kpv0dKMz/y3LVrniu4u+CjNFnXpvT93uFIi5gcfG4n4b8HzbAqPZmQ0hSfC88OtnAnheAN2YXELexFN47sOGtnvSo9GX88rISClTcVZjScjKiSJGjSyrtnxRUrnN1Y6+3vrSnPBbjWfdJyS2uThbwXAoCys1UpMYyDe4+2xAKS2FyRK2WADBPvCcE1leQhWBT~4340018~3360307; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:19:07 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d91",
    "origin; dur\u003d111"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 18:19:07
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-27 18:19:07 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 18:19:07 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-27 18:19:07 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-27 18:19:07 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-27 18:19:07 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 18:19:07 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-27 18:19:07
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 18:19:07
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-27 18:19:07 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "9RN9TYFT8MN4NCooyNjI9UWFkohwidyOz5NHPT4-gSXtgYYUO0qrVFO4VeT5tlGPgQItdQ-5YjIgBysnCTfD53K8h8vZ435FPXJDYqWv2-hh3Kt7kIaMQ4oOhS5aJxDHEt6cykhp57sAj18P41eZ3fTHi-W4mKBMKb4Egk2h77k",
      "kty": "RSA",
      "q": "oL5z8SYg7hIeDI5685ciSeGj-PM8PPZxIQxqMqsq8dC-lkY7Gln4ra0Bb0mJQ94wanvH3FnAM9pAqAv92GiMl0hEc97UMeu221aFeGpdaPBvhCd_EO8U9L_WZAdSjHJ15a5BQqASdLGRR-X53T-dHU6HNkOveOaR2kGoHS2Ppvk",
      "d": "RNOKN4rRJ2K5QLwwaO9lR-_qabSI8V3691B5xgU-8TD5XB32dArSLP2vMOmexpvKNJGAyBTiAN0eiOCuYlLHTdMopYvt5IyrQI8onDTXERbxFzuSenwrOK4e_XO5U0v3sk5HRIPVst4KVoQUfxNxwlx29aCSfBz2eVU0_rMxQmT-EHd2mNt9y8qB95uIzITyp2c17r5e3e49MhjoCJKyTNRGmyNL8REBrix8KO_ai2leeuu3dcM8xL4lE-KaNk2LPygpPsZsquEhKncRTGF0Jl4DDCa5dcpO9QsN0kJBHMwDr-Nk0-KpN2i4F58PS7Hy8g8VyrfQ15X-8c19zFSgAQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "ZhSknTU91eZDXXMtnw6__LtH0JQtfBKxFgD663zZazjexJ65kTMezAPBIXqMACOcff0-qTgXf9zxOG_do4ZLhzB-amtmThGn6dqbNrXNHQp3hc29_IqNHNJ6NtJ5Lj2Vc9vM84LFlys_H4oZNmBtHIXROlGlFi_WHce54H2OhIc",
      "dp": "GrFOunxViimgE_5rhsSlzqEN1VHq__j3zP_7iF4ZLLPW1H6oAXU2h-6-awyPbh4gBSsZjGB0Do_rERzQGZ7rRXAnvJqlVrPQEss5L6tgJhF_Zyt-P9WHvWtx_Wt5Ajw_knyQky-j6Uti2jq-XkKSTax1d3VDz8vVv84ka5TNCHE",
      "alg": "RS256",
      "dq": "a_5IatVQ_mFRquH2nL0HHlfoEBNqfxKbArcSiiQRYBD8Wn2oq5WSyywWcKwY-m3GXWP37ISn6q5RDhWwX7ot6l11D9u--CMC4O2KElJzm1MduM3IQpo9nAlegimhPhaQOtUNpzNf8uJxVrqdWhWo-s2NbdmfhDxz9QxzY9b-UhE",
      "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
    }
  ]
}
2022-11-27 18:19:07 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-27 18:19:07
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-27 18:19:07
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR
2022-11-27 18:19:07
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-27 18:19:07
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-27 18:19:07
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
      }
    ]
  }
}
2022-11-27 18:19:07
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-11-27 18:19:07
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ]
}
2022-11-27 18:19:07
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-27 18:19:07
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-27 18:19:07
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "775"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR","grant_types":["authorization_code","implicit"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-27 18:19:11 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc386ed5e-0747-431d-8e5a-9a262c21b234",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383aa1b2064e385",
  "content-length": "1443",
  "date": "Sun, 27 Nov 2022 18:19:11 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:L0ZcK5CkUEen/8mWd/+/ij3wgM56oVx31Kon9dldjcw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4466398FC19986DD0D9F25B9A7A3D656~-1~YAAQ7fnerYH3iHyEAQAAvItQugj8/hP2g0SK3dMmdgga15jMUcSwIhvubtHZMJE+GtkBWmfEbWTKZYoYLP1Odnce3Odl8y8iStmqDl5UgZWbyzqk5vgNOXrWDtTQaRFzSq44htOrkWU6fzG4QnZzmJD9JY68wdghY+ePo8HeLmGsKMDi40iJUOS7dEU8yqe60qY8uxJC6hKnCbdZ5WSf74ISQ1n1GsOO5acjOxUFBu+YITyRj7ToBJdFlVNYfurwFiQLagVFghIBDAoTsr5TI0F+ymYR5xgnb0IDbL0veH/43Nmq+59Y8GKT12FFe9HyNGJBl/uke/q5GZz3KX+AAWEO4NUQHPQCdktowOUVfc1hVdMsT/MAR7duE90gPZABibbmjPs\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:19:11 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d60EB5087353376D4FFB562064CE4EE52~YAAQ7fnerYL3iHyEAQAAvItQuhHbiNq1BSngnbTdAteqYzxumiUz9e6dujBYC6iw3zQNXsxVzwFqHzW+ybbjUdKwFN/f67Ab5/p3JsT2cUbW1rFg24du5PQWIZpTUwYW4M0iBGr3ZIdo/osk6VyNKYgpRqxecv4YCVdq2NfZK2IoIQsa81LsxNdLTivug4f7nhP8SN1SC5+4vylHOemDRJKKSkNEe+YFLr/ezpVn9zXGOhe6vEm4mYb020UNP9oQBxvAdmloDbt47fO6ZVbUV4YKm+uywDpurA4+eit2jTEDvn7A0ezhHteeWP14~4340018~3360307; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:19:07 GMT; Max-Age\u003d14396; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d128",
    "origin; dur\u003d3759"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"cd5c5035-d536-4917-b2cd-a61daf7307f3","client_id_issued_at":"2022-11-27T18:19:08Z","client_name":"Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR","client_secret":"cpaFTtcsBD","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"KE90S_dbJbLBsSihpxE546m9xUy-dhD62Gjx7i0gGzc.1WOhTX86CSIJx4jq21kMUzgfTuOoWc5TxNi2FeNt7n2zC9xaPNYC8Nre5LHiLA0TQRrDz31L2CojArj3rtfnjQ.M18xNjY5NTczMTUxXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cd5c5035-d536-4917-b2cd-a61daf7307f3","response_types":["code token id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
2022-11-27 18:19:11
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc386ed5e-0747-431d-8e5a-9a262c21b234",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383aa1b2064e385",
  "content-length": "1443",
  "date": "Sun, 27 Nov 2022 18:19:11 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:L0ZcK5CkUEen/8mWd/+/ij3wgM56oVx31Kon9dldjcw\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d4466398FC19986DD0D9F25B9A7A3D656~-1~YAAQ7fnerYH3iHyEAQAAvItQugj8/hP2g0SK3dMmdgga15jMUcSwIhvubtHZMJE+GtkBWmfEbWTKZYoYLP1Odnce3Odl8y8iStmqDl5UgZWbyzqk5vgNOXrWDtTQaRFzSq44htOrkWU6fzG4QnZzmJD9JY68wdghY+ePo8HeLmGsKMDi40iJUOS7dEU8yqe60qY8uxJC6hKnCbdZ5WSf74ISQ1n1GsOO5acjOxUFBu+YITyRj7ToBJdFlVNYfurwFiQLagVFghIBDAoTsr5TI0F+ymYR5xgnb0IDbL0veH/43Nmq+59Y8GKT12FFe9HyNGJBl/uke/q5GZz3KX+AAWEO4NUQHPQCdktowOUVfc1hVdMsT/MAR7duE90gPZABibbmjPs\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:19:11 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d60EB5087353376D4FFB562064CE4EE52~YAAQ7fnerYL3iHyEAQAAvItQuhHbiNq1BSngnbTdAteqYzxumiUz9e6dujBYC6iw3zQNXsxVzwFqHzW+ybbjUdKwFN/f67Ab5/p3JsT2cUbW1rFg24du5PQWIZpTUwYW4M0iBGr3ZIdo/osk6VyNKYgpRqxecv4YCVdq2NfZK2IoIQsa81LsxNdLTivug4f7nhP8SN1SC5+4vylHOemDRJKKSkNEe+YFLr/ezpVn9zXGOhe6vEm4mYb020UNP9oQBxvAdmloDbt47fO6ZVbUV4YKm+uywDpurA4+eit2jTEDvn7A0ezhHteeWP14~4340018~3360307; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:19:07 GMT; Max-Age\u003d14396; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d128",
    "origin; dur\u003d3759"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"cd5c5035-d536-4917-b2cd-a61daf7307f3","client_id_issued_at":"2022-11-27T18:19:08Z","client_name":"Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR","client_secret":"cpaFTtcsBD","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"KE90S_dbJbLBsSihpxE546m9xUy-dhD62Gjx7i0gGzc.1WOhTX86CSIJx4jq21kMUzgfTuOoWc5TxNi2FeNt7n2zC9xaPNYC8Nre5LHiLA0TQRrDz31L2CojArj3rtfnjQ.M18xNjY5NTczMTUxXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cd5c5035-d536-4917-b2cd-a61daf7307f3","response_types":["code token id_token"],"token_endpoint_auth_method":"client_secret_basic","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "cd5c5035-d536-4917-b2cd-a61daf7307f3",
  "client_id_issued_at": "2022-11-27T18:19:08Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One F1zgX5W8ptviAUR",
  "client_secret": "cpaFTtcsBD",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "meKBxg19pMjy5RP-FqLHeFwbnMbeyz1QHblxGtI1k2w_1bks35eHwPoZADd5J6NcXrRyzwBeGAb7TSDm35dH1KIDSj2njM7zQndqlGElgGbdv404XggnlpRUOS0xztvDnjxPiQpKQmh_5moEf8o1Snb_mVu9LSFrg3Sqp3pFOBiBmxLX8xKxV-UvaYask8_Zz6H5ydN2lRIQNSBWfgwPL74mL5xAlK8SNI1sftN_LP02Jkq3_hwfnsdWf9_5UdlzqZD8kNNamH-OQ_c2M7WEosIW2g0gCBur_G1R_Vxhni64y0CbXV9FLQF8uPF_kRPBckcAbkbFpNS10EWh8Usg8Q",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "KE90S_dbJbLBsSihpxE546m9xUy-dhD62Gjx7i0gGzc.1WOhTX86CSIJx4jq21kMUzgfTuOoWc5TxNi2FeNt7n2zC9xaPNYC8Nre5LHiLA0TQRrDz31L2CojArj3rtfnjQ.M18xNjY5NTczMTUxXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cd5c5035-d536-4917-b2cd-a61daf7307f3",
  "response_types": [
    "code token id_token"
  ],
  "token_endpoint_auth_method": "client_secret_basic",
  "token_map": []
}
2022-11-27 18:19:11 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-27 18:19:11 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-27 18:19:11 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-27 18:19:11 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
cd5c5035-d536-4917-b2cd-a61daf7307f3
2022-11-27 18:19:11 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cd5c5035-d536-4917-b2cd-a61daf7307f3
registration_access_token
KE90S_dbJbLBsSihpxE546m9xUy-dhD62Gjx7i0gGzc.1WOhTX86CSIJx4jq21kMUzgfTuOoWc5TxNi2FeNt7n2zC9xaPNYC8Nre5LHiLA0TQRrDz31L2CojArj3rtfnjQ.M18xNjY5NTczMTUxXzE4
2022-11-27 18:19:11
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-27 18:19:11 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-11-27 18:19:11
SetScopeInClientConfigurationToOpenIdEmail
Set scope in client configuration to "openid email"
scope
openid email
2022-11-27 18:19:11 SUCCESS
OIDCCCheckScopesSupportedContainScopeTest
'scopes_supported' in discovery document contain expected scopes
actual
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
expected
openid email
2022-11-27 18:19:11 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-27 18:19:11
oidcc-scope-email
Setup Done
Make request to authorization endpoint
2022-11-27 18:19:11 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
cd5c5035-d536-4917-b2cd-a61daf7307f3
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
2022-11-27 18:19:11
CreateRandomStateValue
Created state value
requested_state_length
10
state
HSazGiMlda
2022-11-27 18:19:11 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
cd5c5035-d536-4917-b2cd-a61daf7307f3
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
state
HSazGiMlda
2022-11-27 18:19:11
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
oRqiR0xxWQ
2022-11-27 18:19:11 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
cd5c5035-d536-4917-b2cd-a61daf7307f3
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
state
HSazGiMlda
nonce
oRqiR0xxWQ
2022-11-27 18:19:11 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
cd5c5035-d536-4917-b2cd-a61daf7307f3
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid email
state
HSazGiMlda
nonce
oRqiR0xxWQ
response_type
code id_token token
2022-11-27 18:19:11 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "cd5c5035-d536-4917-b2cd-a61daf7307f3",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid email",
  "state": "HSazGiMlda",
  "nonce": "oRqiR0xxWQ",
  "response_type": "code id_token token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=cd5c5035-d536-4917-b2cd-a61daf7307f3&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20email&state=HSazGiMlda&nonce=oRqiR0xxWQ&response_type=code%20id_token%20token
2022-11-27 18:19:11 REDIRECT
oidcc-scope-email
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=cd5c5035-d536-4917-b2cd-a61daf7307f3&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20email&state=HSazGiMlda&nonce=oRqiR0xxWQ&response_type=code%20id_token%20token
2022-11-27 18:20:13 INCOMING
oidcc-scope-email
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 18:20:13 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/fnLbrzo1f7nnYg0oUBF7",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/fnLbrzo1f7nnYg0oUBF7"
}
2022-11-27 18:20:13 OUTGOING
oidcc-scope-email
Response to HTTP request to test instance F1zgX5W8ptviAUR
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/fnLbrzo1f7nnYg0oUBF7, returnUrl=/log-detail.html?log=F1zgX5W8ptviAUR}]
outgoing_path
callback
2022-11-27 18:20:14 INCOMING
oidcc-scope-email
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/fnLbrzo1f7nnYg0oUBF7
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "connection": "close",
  "content-length": "2215"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/fnLbrzo1f7nnYg0oUBF7
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#access_token=14V1XI_l4GPVTuVLCgvYIL3NQ13cck3xS2ZQsEGGB_o.8aS4OUa0YxVtne1nJryKQ_7nW4OsFeNFV7D22kfR2-axZj-21fJVqOYO98QbX6o6PF1AqUNgcgRgo5HWxxdung.M18xNjY5NTczMjEzXzE4&code=ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg&expires_in=7199&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&scope=openid+email&state=HSazGiMlda&token_type=bearer
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-27 18:20:14 OUTGOING
oidcc-scope-email
Response to HTTP request to test instance F1zgX5W8ptviAUR
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/fnLbrzo1f7nnYg0oUBF7
2022-11-27 18:20:14
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "access_token",
    "value": "14V1XI_l4GPVTuVLCgvYIL3NQ13cck3xS2ZQsEGGB_o.8aS4OUa0YxVtne1nJryKQ_7nW4OsFeNFV7D22kfR2-axZj-21fJVqOYO98QbX6o6PF1AqUNgcgRgo5HWxxdung.M18xNjY5NTczMjEzXzE4"
  },
  {
    "name": "code",
    "value": "ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg"
  },
  {
    "name": "expires_in",
    "value": "7199"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "scope",
    "value": "openid email"
  },
  {
    "name": "state",
    "value": "HSazGiMlda"
  },
  {
    "name": "token_type",
    "value": "bearer"
  }
]
2022-11-27 18:20:14 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
access_token
14V1XI_l4GPVTuVLCgvYIL3NQ13cck3xS2ZQsEGGB_o.8aS4OUa0YxVtne1nJryKQ_7nW4OsFeNFV7D22kfR2-axZj-21fJVqOYO98QbX6o6PF1AqUNgcgRgo5HWxxdung.M18xNjY5NTczMjEzXzE4
code
ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
scope
openid email
state
HSazGiMlda
token_type
bearer
2022-11-27 18:20:14 REDIRECT-IN
oidcc-scope-email
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmz\u003d201319536.1668662898.14.3.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669169819.1669192421.17; JSESSIONID\u003dA99EA218D2554846F38BDDE459E8C220",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "access_token": "14V1XI_l4GPVTuVLCgvYIL3NQ13cck3xS2ZQsEGGB_o.8aS4OUa0YxVtne1nJryKQ_7nW4OsFeNFV7D22kfR2-axZj-21fJVqOYO98QbX6o6PF1AqUNgcgRgo5HWxxdung.M18xNjY5NTczMjEzXzE4",
  "code": "ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg",
  "expires_in": "7199",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "scope": "openid email",
  "state": "HSazGiMlda",
  "token_type": "bearer"
}
post_body
Verify authorization endpoint response
2022-11-27 18:20:14 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-27 18:20:14 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-27 18:20:14 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-27 18:20:14 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-27 18:20:14 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-27 18:20:14 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
HSazGiMlda
2022-11-27 18:20:14 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg
2022-11-27 18:20:14 SUCCESS
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
value
14V1XI_l4GPVTuVLCgvYIL3NQ13cck3xS2ZQsEGGB_o.8aS4OUa0YxVtne1nJryKQ_7nW4OsFeNFV7D22kfR2-axZj-21fJVqOYO98QbX6o6PF1AqUNgcgRgo5HWxxdung.M18xNjY5NTczMjEzXzE4
type
bearer
2022-11-27 18:20:14 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "g8Sc_krXVk1QE6bBGa1F2Q",
  "sub": "6160017N67",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2022-11-23",
  "gender": "Male",
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "locale": "en-US",
  "acr": "1",
  "updated_at": 1669172854,
  "auth_time": 1669571588,
  "nickname": "nickname",
  "exp": 1669580413,
  "iat": 1669573213,
  "jti": "83985e49-b87a-4c6f-a5bc-810341a5e677",
  "website": "www.ibm.com",
  "address": {
    "address": {
      "country": "US",
      "street_address": "1234 Hollywood Blvd.",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA"
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "email_verified": true,
  "rat": 1669573203,
  "profile": "End-User",
  "phone_number_verified": true,
  "middle_name": "MiddleName",
  "nonce": "oRqiR0xxWQ",
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "aud": "cd5c5035-d536-4917-b2cd-a61daf7307f3",
  "c_hash": "cO3_kmG15SoVggyb4mj84Q",
  "s_hash": "BzzDxPFb_qGenA-L7afk-A",
  "name": "ISV Dev",
  "phone_number": "123456789"
}
2022-11-27 18:20:14 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
zoneinfo is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
gender is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
locale is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
updated_at is a number
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
nickname is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
website is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
Skipping unknown claim: address.address
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
Skipping unknown claim: address.phone_number
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
address is a valid object or contains invalid claims
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
email_verified is a boolean
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
profile is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
phone_number_verified is a boolean
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
middle_name is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
picture is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 18:20:14
ValidateIdTokenStandardClaims
phone_number is a string with content
2022-11-27 18:20:14 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 18:20:14 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
oRqiR0xxWQ
2022-11-27 18:20:14 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 18:20:14 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA
2022-11-27 18:20:14 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiZzhTY19rclhWazFRRTZiQkdhMUYyUSIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiY19oYXNoIjoiY08zX2ttRzE1U29WZ2d5YjRtajg0USIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE2Njk1ODA0MTMsImdlbmRlciI6Ik1hbGUiLCJpYXQiOjE2Njk1NzMyMTMsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjgzOTg1ZTQ5LWI4N2EtNGM2Zi1hNWJjLTgxMDM0MWE1ZTY3NyIsImxvY2FsZSI6ImVuLVVTIiwibWlkZGxlX25hbWUiOiJNaWRkbGVOYW1lIiwibmFtZSI6IklTViBEZXYiLCJuaWNrbmFtZSI6Im5pY2tuYW1lIiwibm9uY2UiOiJvUnFpUjB4eFdRIiwicGhvbmVfbnVtYmVyIjoiMTIzNDU2Nzg5IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjp0cnVlLCJwaWN0dXJlIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20iLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpc3ZkZXZAaWJtLmNvbSIsInByb2ZpbGUiOiJFbmQtVXNlciIsInJhdCI6MTY2OTU3MzIwMywicmVhbG1OYW1lIjoiY2xvdWRJZGVudGl0eVJlYWxtIiwic19oYXNoIjoiQnp6RHhQRmJfcUdlbkEtTDdhZmstQSIsInN1YiI6IjYxNjAwMTdONjciLCJ1cGRhdGVkX2F0IjoxNjY5MTcyODU0LCJ3ZWJzaXRlIjoid3d3LmlibS5jb20iLCJ6b25laW5mbyI6IkFtZXJpY2EvTG9zX0FuZ2VsZXMifQ.mcDI48Ba0qKIQnAZXK39BzRUXbB2u-K3_U1FuucsJXpFGovc272KhOofPRQQAxqK3snv7kQGPwELa-aYGbKMcSo-c5qeOfhyTWVSFpf89WeQ_9EFSwiT-rYj5I_526gIlWzsBM3tjT3xluwlJOvuYt9CHYwHnpuNxtixnRxnyaHon-xA7QYEzGxA2NNMkpO2iw90DN8hm3hS2p2CGJApsh5iPWtm8SRu442r5K0tVaSJiIj2185xNcMQMX5yiW9CwZ-4IxzWo8TnYYSm1RmUk-DyapPCQje3_t3EHxNFrvzmU9_2MG1wb0qRK8ma3Szd44ObSrxMD2QIkWGlQpfxcA
2022-11-27 18:20:14 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 18:20:14
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 18:20:14 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 18:20:14 WARNING
EnsureIdTokenDoesNotContainName
Unexpectedly found name in id_token. The conformance suite did not request the 'name' claim is returned in the id_token and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
name
ISV Dev
2022-11-27 18:20:14 SUCCESS
EnsureIdTokenDoesNotContainEmailForScopeEmail
email claim not found in id_token, which is expected as it was not requested to be returned there
Userinfo endpoint tests
2022-11-27 18:20:14
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer 14V1XI_l4GPVTuVLCgvYIL3NQ13cck3xS2ZQsEGGB_o.8aS4OUa0YxVtne1nJryKQ_7nW4OsFeNFV7D22kfR2-axZj-21fJVqOYO98QbX6o6PF1AqUNgcgRgo5HWxxdung.M18xNjY5NTczMjEzXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:20:14 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK9fe62ed9-8735-4ff9-8ddb-9c9da6c51609",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa5e3547bbe1",
  "content-length": "828",
  "date": "Sun, 27 Nov 2022 18:20:14 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:mtvUru6BweS3aVgtFTMpMwAf24rqogK4hvIJ12VffBQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d134AA4D4FCAE493224B6862DA64A2829~-1~YAAQr/nerX/N4HuEAQAA8YFRuggMSR8i8eeEJKo8j71I0/bdMU8RlqLgTh0MR9Bf4DqtP1aO2z7/Fhgg62vJrxLqX/CsQ3+PotN98VZUvQCddTG/8VMRx9Q1X8q0Qt5nEu3uT+0swtCZJrYkMLGjLCK6KurYxWKvGB1GIcWvnZHlLEtaqXm8fjuRifu/e5UvSmVYKaoxvrJ+3jfo2Q7zCSQrcwnvd3GN2OwPs9aCefp95Byr0x9JVo4bMWRxQShZiUADOSez0eOJG8yhnCGhZSFIVop+97kpoEH5tR9q2JjcjdgW0ltdxXGQ21AP2VwvNodqiOhART9zwjiTvqO4Q/sqdv4bKgC1ka7+gyZSX1k0mHSseSSl6tu2oXfz0j7XbT6K2zI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:14 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dCEEFF5EBEDD614621A72C146A1E628C0~YAAQr/nerYDN4HuEAQAA8YFRuhH77ROEPRwDV4qGPunEDRCV8NL9THornsGdcvAOtecd3z0L4ykGojTP/aOGxHbe4GeMm2Z1lxbcwASYxv/McdpqFr37nag7GaWWkGBvH1Ct8D+YdzaCQZp2mCKFECcItkOm3Nivbitiw0L4uD3oUynFY5y/fRwfwILJQWiaiqnIWOZoNCoNDAKSv6+qS7yyQZhF+vrAhudWKyiWJg/LrrhTK/3IHSVVBmqgB+2QPL8QGjvRoD4gYFaPzDkoZzcjmVHkeAidLFdRmq98k5hHc/LeJwzQI+07q9+J~3485765~4273465; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:14 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d104",
    "origin; dur\u003d126"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["cd5c5035-d536-4917-b2cd-a61daf7307f3"],"auth_time":1669571588,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669573203,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 18:20:14 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK9fe62ed9-8735-4ff9-8ddb-9c9da6c51609",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa5e3547bbe1",
  "content-length": "828",
  "date": "Sun, 27 Nov 2022 18:20:14 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:mtvUru6BweS3aVgtFTMpMwAf24rqogK4hvIJ12VffBQ\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d134AA4D4FCAE493224B6862DA64A2829~-1~YAAQr/nerX/N4HuEAQAA8YFRuggMSR8i8eeEJKo8j71I0/bdMU8RlqLgTh0MR9Bf4DqtP1aO2z7/Fhgg62vJrxLqX/CsQ3+PotN98VZUvQCddTG/8VMRx9Q1X8q0Qt5nEu3uT+0swtCZJrYkMLGjLCK6KurYxWKvGB1GIcWvnZHlLEtaqXm8fjuRifu/e5UvSmVYKaoxvrJ+3jfo2Q7zCSQrcwnvd3GN2OwPs9aCefp95Byr0x9JVo4bMWRxQShZiUADOSez0eOJG8yhnCGhZSFIVop+97kpoEH5tR9q2JjcjdgW0ltdxXGQ21AP2VwvNodqiOhART9zwjiTvqO4Q/sqdv4bKgC1ka7+gyZSX1k0mHSseSSl6tu2oXfz0j7XbT6K2zI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:14 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dCEEFF5EBEDD614621A72C146A1E628C0~YAAQr/nerYDN4HuEAQAA8YFRuhH77ROEPRwDV4qGPunEDRCV8NL9THornsGdcvAOtecd3z0L4ykGojTP/aOGxHbe4GeMm2Z1lxbcwASYxv/McdpqFr37nag7GaWWkGBvH1Ct8D+YdzaCQZp2mCKFECcItkOm3Nivbitiw0L4uD3oUynFY5y/fRwfwILJQWiaiqnIWOZoNCoNDAKSv6+qS7yyQZhF+vrAhudWKyiWJg/LrrhTK/3IHSVVBmqgB+2QPL8QGjvRoD4gYFaPzDkoZzcjmVHkeAidLFdRmq98k5hHc/LeJwzQI+07q9+J~3485765~4273465; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:14 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d104",
    "origin; dur\u003d126"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["cd5c5035-d536-4917-b2cd-a61daf7307f3"],"auth_time":1669571588,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669573203,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 18:20:14 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 18:20:14 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-27 18:20:14 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic Y2Q1YzUwMzUtZDUzNi00OTE3LWIyY2QtYTYxZGFmNzMwN2YzOmNwYUZUdGNzQkQ=
2022-11-27 18:20:14
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic Y2Q1YzUwMzUtZDUzNi00OTE3LWIyY2QtYTYxZGFmNzMwN2YzOmNwYUZUdGNzQkQ\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "267"
}
request_body
grant_type=authorization_code&code=ukEe0MWlQLHclTBQT0G-tV8z1ecPf3eTHbsd3nb3Yj0.3YmS3kYcELCF6FLbQRAYOeywKJuoVQ5zJKICaYCyyrd0PGvmkSV1KWK_RGwtIAho26_1MglF92gTQ4V-u9IJPg&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback
2022-11-27 18:20:15 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK39e66cea-3ce4-476a-b271-239e78f70a19",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383aa5e20655b05",
  "content-length": "1959",
  "date": "Sun, 27 Nov 2022 18:20:15 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:y0KhGW+bFbfO8csZdu5lsuXoi94J1f4GyWaUW78OrMI\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d1D1700B0216B137F87BE273BEEA39095~-1~YAAQr/nerYXN4HuEAQAAMYNRughYibxvedD/rpJ+OIcOk/a9uiF3O3oavPxbQmWqH0ksglacXWD7plrvJjRCwUeyVuUH20M6X5HI2tJpSFqPX84V6jlgEqsGx4PAxJrPXiGf2ktSTaxCUYOZYJqYuGzEUwpfCkGL9xKtl2YHRRAa3nkkHqaBHvH56Vi8y5jpIIvsVh+hzGlrs8TG5qltR7qTHRQ2L10Sk72rgxhUIOQf/yADUU+cHEV8ModzWRMi1l6WdeAkzGkMieQvA/x7TQuI6LLAUIdFCi37sqv4D0uIPBAtagNLHl8i0Fa05UjUNVJm0IGDacIy60ETECYUn7kZLxnRICX6Txfx4Usq0smbKoFNiqeDRy5CV8fcmgItK85QwRA\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:15 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dF54B206C923ACBE9CC426E462D5BB346~YAAQr/nerYbN4HuEAQAAMYNRuhErZjEjW8hofJRIPrO3C2Ur6fsD9qUjmX6vSNbhF7ZEh45wV7uA/RInzRBDEOh4R+YieeT8yvz6NWPIPoL/5pMKFTkxm8jg7BKlFDwLqCTt/SbTSHPAD5rR3jn1UuqFS4kIufXnUfci7ybBonZxroOmt6YB+mI3/mZcCUkm1f28HRxRFFf8ILy6YD/U0aD0EQL7JtA2gyCMUphSq77Ug34XnpVsncOy4gFJNR0SzCO8CXT//WUbMc6eYAU0hX9LNVfhtWit8fLDtvW8RnW1TPzNthqYxhnOqNvO~3485765~4273465; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:14 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d93",
    "origin; dur\u003d161"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"G6xnuNVjrGGBQ8RkPAIUVJNl_zlTzl4jdhF1G0vZXFg.93i-yAgSpSOgnsAHZbxUiAtt38iF3660WWX-l1Fxl_YICD7Ssus_IIeXfxP7oDideNd1eiO618FKmPIebJEdAQ.M18xNjY5NTczMjE0XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiWTlEWjZldHNhZjdwc2JJUDktc3owdyIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTU4MDQxNCwiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTU3MzIxNCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiMDc3N2Y2MGMtZWY2OC00ZWZmLTgwMjEtYTZiZjVjM2M0YjU5IiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6Im9ScWlSMHh4V1EiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5NTczMjAzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJCenpEeFBGYl9xR2VuQS1MN2Fmay1BIiwic3ViIjoiNjE2MDAxN042NyIsInVwZGF0ZWRfYXQiOjE2NjkxNzI4NTQsIndlYnNpdGUiOiJ3d3cuaWJtLmNvbSIsInpvbmVpbmZvIjoiQW1lcmljYS9Mb3NfQW5nZWxlcyJ9.chuVq3S-QS2f0ZkrJz8NLmAsMWbRB4aApZ-BWc0ZteOi1j8o4dFKmRGImiEdRANT7dJMgHg9XP-njhOurwixnRvIjpQ_s-r_CaQR_M1lq9EzLtcnhB2n_TsW1xeAKTt70bbBLBnfUNU-LroX-dBVyNEtgX8ydFNUwOXgL1gCsbAUhUNkPhRluStbE_WLrtj834Z3_5Op9m-nVjGc_Q657DQOBUfiny0wo7ojDGtl75qR98HErxkJ4kXZ23kBVDqYkTxIP0b3AtLXh6TtBh9jEbwBZBJTco68KNMjfVPmwNKhBkJ09Iq6tMOCV61jQ8NFPBUYP73tNvooCGGYPx_biw","scope":"openid email","token_type":"bearer"}
2022-11-27 18:20:15 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
G6xnuNVjrGGBQ8RkPAIUVJNl_zlTzl4jdhF1G0vZXFg.93i-yAgSpSOgnsAHZbxUiAtt38iF3660WWX-l1Fxl_YICD7Ssus_IIeXfxP7oDideNd1eiO618FKmPIebJEdAQ.M18xNjY5NTczMjE0XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiWTlEWjZldHNhZjdwc2JJUDktc3owdyIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTU4MDQxNCwiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTU3MzIxNCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiMDc3N2Y2MGMtZWY2OC00ZWZmLTgwMjEtYTZiZjVjM2M0YjU5IiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6Im9ScWlSMHh4V1EiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5NTczMjAzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJCenpEeFBGYl9xR2VuQS1MN2Fmay1BIiwic3ViIjoiNjE2MDAxN042NyIsInVwZGF0ZWRfYXQiOjE2NjkxNzI4NTQsIndlYnNpdGUiOiJ3d3cuaWJtLmNvbSIsInpvbmVpbmZvIjoiQW1lcmljYS9Mb3NfQW5nZWxlcyJ9.chuVq3S-QS2f0ZkrJz8NLmAsMWbRB4aApZ-BWc0ZteOi1j8o4dFKmRGImiEdRANT7dJMgHg9XP-njhOurwixnRvIjpQ_s-r_CaQR_M1lq9EzLtcnhB2n_TsW1xeAKTt70bbBLBnfUNU-LroX-dBVyNEtgX8ydFNUwOXgL1gCsbAUhUNkPhRluStbE_WLrtj834Z3_5Op9m-nVjGc_Q657DQOBUfiny0wo7ojDGtl75qR98HErxkJ4kXZ23kBVDqYkTxIP0b3AtLXh6TtBh9jEbwBZBJTco68KNMjfVPmwNKhBkJ09Iq6tMOCV61jQ8NFPBUYP73tNvooCGGYPx_biw
scope
openid email
token_type
bearer
2022-11-27 18:20:15 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-27 18:20:15 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
G6xnuNVjrGGBQ8RkPAIUVJNl_zlTzl4jdhF1G0vZXFg.93i-yAgSpSOgnsAHZbxUiAtt38iF3660WWX-l1Fxl_YICD7Ssus_IIeXfxP7oDideNd1eiO618FKmPIebJEdAQ.M18xNjY5NTczMjE0XzE4
2022-11-27 18:20:15 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
G6xnuNVjrGGBQ8RkPAIUVJNl_zlTzl4jdhF1G0vZXFg.93i-yAgSpSOgnsAHZbxUiAtt38iF3660WWX-l1Fxl_YICD7Ssus_IIeXfxP7oDideNd1eiO618FKmPIebJEdAQ.M18xNjY5NTczMjE0XzE4
type
bearer
2022-11-27 18:20:15 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-27 18:20:15 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-27 18:20:15 INFO
CheckForRefreshTokenValue
Couldn't find refresh token
2022-11-27 18:20:15 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiWTlEWjZldHNhZjdwc2JJUDktc3owdyIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTU4MDQxNCwiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTU3MzIxNCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiMDc3N2Y2MGMtZWY2OC00ZWZmLTgwMjEtYTZiZjVjM2M0YjU5IiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6Im9ScWlSMHh4V1EiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5NTczMjAzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJCenpEeFBGYl9xR2VuQS1MN2Fmay1BIiwic3ViIjoiNjE2MDAxN042NyIsInVwZGF0ZWRfYXQiOjE2NjkxNzI4NTQsIndlYnNpdGUiOiJ3d3cuaWJtLmNvbSIsInpvbmVpbmZvIjoiQW1lcmljYS9Mb3NfQW5nZWxlcyJ9.chuVq3S-QS2f0ZkrJz8NLmAsMWbRB4aApZ-BWc0ZteOi1j8o4dFKmRGImiEdRANT7dJMgHg9XP-njhOurwixnRvIjpQ_s-r_CaQR_M1lq9EzLtcnhB2n_TsW1xeAKTt70bbBLBnfUNU-LroX-dBVyNEtgX8ydFNUwOXgL1gCsbAUhUNkPhRluStbE_WLrtj834Z3_5Op9m-nVjGc_Q657DQOBUfiny0wo7ojDGtl75qR98HErxkJ4kXZ23kBVDqYkTxIP0b3AtLXh6TtBh9jEbwBZBJTco68KNMjfVPmwNKhBkJ09Iq6tMOCV61jQ8NFPBUYP73tNvooCGGYPx_biw
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "Y9DZ6etsaf7psbIP9-sz0w",
  "sub": "6160017N67",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2022-11-23",
  "gender": "Male",
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "locale": "en-US",
  "acr": "1",
  "updated_at": 1669172854,
  "auth_time": 1669571588,
  "nickname": "nickname",
  "exp": 1669580414,
  "iat": 1669573214,
  "jti": "0777f60c-ef68-4eff-8021-a6bf5c3c4b59",
  "website": "www.ibm.com",
  "address": {
    "address": {
      "country": "US",
      "street_address": "1234 Hollywood Blvd.",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA"
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "email_verified": true,
  "rat": 1669573203,
  "profile": "End-User",
  "phone_number_verified": true,
  "middle_name": "MiddleName",
  "nonce": "oRqiR0xxWQ",
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "aud": "cd5c5035-d536-4917-b2cd-a61daf7307f3",
  "s_hash": "BzzDxPFb_qGenA-L7afk-A",
  "name": "ISV Dev",
  "phone_number": "123456789"
}
2022-11-27 18:20:15 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
zoneinfo is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
gender is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
locale is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
updated_at is a number
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
nickname is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
website is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
Skipping unknown claim: address.address
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
Skipping unknown claim: address.phone_number
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
address is a valid object or contains invalid claims
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
email_verified is a boolean
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
profile is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
phone_number_verified is a boolean
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
middle_name is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
picture is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
name is a string with content
2022-11-27 18:20:15
ValidateIdTokenStandardClaims
phone_number is a string with content
2022-11-27 18:20:15 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-27 18:20:15 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
oRqiR0xxWQ
2022-11-27 18:20:15 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-27 18:20:15 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiWTlEWjZldHNhZjdwc2JJUDktc3owdyIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTU4MDQxNCwiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTU3MzIxNCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiMDc3N2Y2MGMtZWY2OC00ZWZmLTgwMjEtYTZiZjVjM2M0YjU5IiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6Im9ScWlSMHh4V1EiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5NTczMjAzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJCenpEeFBGYl9xR2VuQS1MN2Fmay1BIiwic3ViIjoiNjE2MDAxN042NyIsInVwZGF0ZWRfYXQiOjE2NjkxNzI4NTQsIndlYnNpdGUiOiJ3d3cuaWJtLmNvbSIsInpvbmVpbmZvIjoiQW1lcmljYS9Mb3NfQW5nZWxlcyJ9.chuVq3S-QS2f0ZkrJz8NLmAsMWbRB4aApZ-BWc0ZteOi1j8o4dFKmRGImiEdRANT7dJMgHg9XP-njhOurwixnRvIjpQ_s-r_CaQR_M1lq9EzLtcnhB2n_TsW1xeAKTt70bbBLBnfUNU-LroX-dBVyNEtgX8ydFNUwOXgL1gCsbAUhUNkPhRluStbE_WLrtj834Z3_5Op9m-nVjGc_Q657DQOBUfiny0wo7ojDGtl75qR98HErxkJ4kXZ23kBVDqYkTxIP0b3AtLXh6TtBh9jEbwBZBJTco68KNMjfVPmwNKhBkJ09Iq6tMOCV61jQ8NFPBUYP73tNvooCGGYPx_biw
2022-11-27 18:20:15 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiIxIiwiYWRkcmVzcyI6eyJhZGRyZXNzIjp7ImNvdW50cnkiOiJVUyIsImxvY2FsaXR5IjoiTG9zIEFuZ2VsZXMiLCJwb3N0YWxfY29kZSI6IjkwMjEwIiwicmVnaW9uIjoiQ0EiLCJzdHJlZXRfYWRkcmVzcyI6IjEyMzQgSG9sbHl3b29kIEJsdmQuIn0sInBob25lX251bWJlciI6IisxICgzMTApIDEyMy00NTY3In0sImFtciI6WyJwYXNzd29yZCJdLCJhdF9oYXNoIjoiWTlEWjZldHNhZjdwc2JJUDktc3owdyIsImF1ZCI6WyJjZDVjNTAzNS1kNTM2LTQ5MTctYjJjZC1hNjFkYWY3MzA3ZjMiXSwiYXV0aF90aW1lIjoxNjY5NTcxNTg4LCJiaXJ0aGRhdGUiOiIyMDIyLTExLTIzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTY2OTU4MDQxNCwiZ2VuZGVyIjoiTWFsZSIsImlhdCI6MTY2OTU3MzIxNCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWNvbmZvcm1hbmNlLnJlbC52ZXJpZnkuaWJtY2xvdWRzZWN1cml0eS5jb20vb2F1dGgyIiwianRpIjoiMDc3N2Y2MGMtZWY2OC00ZWZmLTgwMjEtYTZiZjVjM2M0YjU5IiwibG9jYWxlIjoiZW4tVVMiLCJtaWRkbGVfbmFtZSI6Ik1pZGRsZU5hbWUiLCJuYW1lIjoiSVNWIERldiIsIm5pY2tuYW1lIjoibmlja25hbWUiLCJub25jZSI6Im9ScWlSMHh4V1EiLCJwaG9uZV9udW1iZXIiOiIxMjM0NTY3ODkiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicHJvZmlsZSI6IkVuZC1Vc2VyIiwicmF0IjoxNjY5NTczMjAzLCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJCenpEeFBGYl9xR2VuQS1MN2Fmay1BIiwic3ViIjoiNjE2MDAxN042NyIsInVwZGF0ZWRfYXQiOjE2NjkxNzI4NTQsIndlYnNpdGUiOiJ3d3cuaWJtLmNvbSIsInpvbmVpbmZvIjoiQW1lcmljYS9Mb3NfQW5nZWxlcyJ9.chuVq3S-QS2f0ZkrJz8NLmAsMWbRB4aApZ-BWc0ZteOi1j8o4dFKmRGImiEdRANT7dJMgHg9XP-njhOurwixnRvIjpQ_s-r_CaQR_M1lq9EzLtcnhB2n_TsW1xeAKTt70bbBLBnfUNU-LroX-dBVyNEtgX8ydFNUwOXgL1gCsbAUhUNkPhRluStbE_WLrtj834Z3_5Op9m-nVjGc_Q657DQOBUfiny0wo7ojDGtl75qR98HErxkJ4kXZ23kBVDqYkTxIP0b3AtLXh6TtBh9jEbwBZBJTco68KNMjfVPmwNKhBkJ09Iq6tMOCV61jQ8NFPBUYP73tNvooCGGYPx_biw
2022-11-27 18:20:15 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-27 18:20:15
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-27 18:20:15 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-27 18:20:15 WARNING
EnsureIdTokenDoesNotContainName
Unexpectedly found name in id_token. The conformance suite did not request the 'name' claim is returned in the id_token and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
name
ISV Dev
2022-11-27 18:20:15 SUCCESS
EnsureIdTokenDoesNotContainEmailForScopeEmail
email claim not found in id_token, which is expected as it was not requested to be returned there
2022-11-27 18:20:15 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
Userinfo endpoint tests
2022-11-27 18:20:15
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer G6xnuNVjrGGBQ8RkPAIUVJNl_zlTzl4jdhF1G0vZXFg.93i-yAgSpSOgnsAHZbxUiAtt38iF3660WWX-l1Fxl_YICD7Ssus_IIeXfxP7oDideNd1eiO618FKmPIebJEdAQ.M18xNjY5NTczMjE0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:20:15 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK847e88ca-3683-4dbe-918b-587af6776410",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa5f03da9357",
  "content-length": "828",
  "date": "Sun, 27 Nov 2022 18:20:15 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:rPftzjjPEUS2yBIGI+RIDfieu2xlienp+GEt5K6BXIM\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dEAB45F652690FD8995DADC96A67BB561~-1~YAAQr/nerYrN4HuEAQAAQYRRugjKt0ZrfgsOpkcJTDbbvbnOJgqOLCbIjzIR1qnKfIkTVwNeZQU6Ho5d+gKAbXpA4veySfnTQVlPb4ArV/ot0dgnC40IA05gnR1qWEH9rc9eeRZiiPs7qoCT2iM1P86F8OIlRCbSbzpIveNfwQ607ecmBQfzvdHL4jEUKMwZyW6doRARxlLT7KD3z72oXhppoyYZ4XKYCqyqMNsPrGRgl8EDDC+fJbZ1LlQ+9FDhxG/MmtD8UbbhYqnSTllTSos6QlLu+mvZjt2NcAMGbmfU6l0RFADVZ+xmSc7+2R9xnpPGPKQ5ioRGI2ipFyjaxtfx889CXVDVH/8RAk5odEvr5zH0a+Qf3W5dHxaoSG3Ux+zcyNw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:15 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d83E826EE60DA743BAFFA08CE9E4394FF~YAAQr/nerYvN4HuEAQAAQYRRuhHmjZW7MZrOkkx4jOaeaX1ZhNeQsjpAysy3nBqHWXDh9BNKqh0KdZrPiu+fTGSx9T3iJZHlzo8POsPl/NZmolD1nWn8fYEKrL6loacqE+ZRiC+p141jrTvrUUkx4VK8wnSvClm5J5C5ONi2HH2ZNZA/o3KrnkRHdwTFoRevzrghKfBXT6Sh8bLuxKGbnKLv4LAZVyGzVV7feyDJpWpefG31tquaDVno1kWcXGLplOUnyI36OHYcV+4F1BzvctgomYNTDT8WODr330jf2F1iF1FWxPagMDN4ZkWd~4339255~4337716; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:15 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d101"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["cd5c5035-d536-4917-b2cd-a61daf7307f3"],"auth_time":1669571588,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669573203,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 18:20:15 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK847e88ca-3683-4dbe-918b-587af6776410",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa5f03da9357",
  "content-length": "828",
  "date": "Sun, 27 Nov 2022 18:20:15 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:rPftzjjPEUS2yBIGI+RIDfieu2xlienp+GEt5K6BXIM\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dEAB45F652690FD8995DADC96A67BB561~-1~YAAQr/nerYrN4HuEAQAAQYRRugjKt0ZrfgsOpkcJTDbbvbnOJgqOLCbIjzIR1qnKfIkTVwNeZQU6Ho5d+gKAbXpA4veySfnTQVlPb4ArV/ot0dgnC40IA05gnR1qWEH9rc9eeRZiiPs7qoCT2iM1P86F8OIlRCbSbzpIveNfwQ607ecmBQfzvdHL4jEUKMwZyW6doRARxlLT7KD3z72oXhppoyYZ4XKYCqyqMNsPrGRgl8EDDC+fJbZ1LlQ+9FDhxG/MmtD8UbbhYqnSTllTSos6QlLu+mvZjt2NcAMGbmfU6l0RFADVZ+xmSc7+2R9xnpPGPKQ5ioRGI2ipFyjaxtfx889CXVDVH/8RAk5odEvr5zH0a+Qf3W5dHxaoSG3Ux+zcyNw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:15 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d83E826EE60DA743BAFFA08CE9E4394FF~YAAQr/nerYvN4HuEAQAAQYRRuhHmjZW7MZrOkkx4jOaeaX1ZhNeQsjpAysy3nBqHWXDh9BNKqh0KdZrPiu+fTGSx9T3iJZHlzo8POsPl/NZmolD1nWn8fYEKrL6loacqE+ZRiC+p141jrTvrUUkx4VK8wnSvClm5J5C5ONi2HH2ZNZA/o3KrnkRHdwTFoRevzrghKfBXT6Sh8bLuxKGbnKLv4LAZVyGzVV7feyDJpWpefG31tquaDVno1kWcXGLplOUnyI36OHYcV+4F1BzvctgomYNTDT8WODr330jf2F1iF1FWxPagMDN4ZkWd~4339255~4337716; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:15 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d101"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["cd5c5035-d536-4917-b2cd-a61daf7307f3"],"auth_time":1669571588,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669573203,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 18:20:15 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 18:20:15
CallUserInfoEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer G6xnuNVjrGGBQ8RkPAIUVJNl_zlTzl4jdhF1G0vZXFg.93i-yAgSpSOgnsAHZbxUiAtt38iF3660WWX-l1Fxl_YICD7Ssus_IIeXfxP7oDideNd1eiO618FKmPIebJEdAQ.M18xNjY5NTczMjE0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:20:15 RESPONSE
CallUserInfoEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK0e951540-67d5-48a1-8432-669e795277f8",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa5f3547e381",
  "content-length": "828",
  "date": "Sun, 27 Nov 2022 18:20:15 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:euqa1q9bcisbKm3TOr5dVUUFanF1D3lHRXmROm8rVP4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA967CA1064B29B2258CD27BA7F4AA7E0~-1~YAAQr/nerY7N4HuEAQAAWYVRugjDgW5C2jnwYDv2xPWarE3T254zmxIi5QNgMNc/Ok80A72wJQ6kEDfBt1YeLZ8SSgs0R5jQMkboK+5CSSR3CJsL2M8g+SYwiQTonP6+LzGufSYUUSe3rh3+eiNXdW2Pd0j3nmsnlwHozrohLIyjo7NC0dKJREIbAHsiY9iqscIpWkgpVoWsrnjm5JN9jQ9d0my9Hg1T7QyweywauYxopm1gNt1K7Yg2/S4uefSQRnfmE/BnOGnCOIFie6gfu/Nw9s9A8twJoW00yTZHY6WHv3JWz8KQDdNXKBgAuCb6ECUjhKC1EEsF4sg7rQ/Sk2gpJ7fQtLYw/fGPdGd6YGyTnN816mW3Trqk5/RF6efd/kcuX/0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:15 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA5ED44B700F67273E1A7D5A16B01776C~YAAQr/nerY/N4HuEAQAAWYVRuhFpS5hkMCI/5El+K7l+YC1/X23nRaUj/pcM9yPRrnCgH2wyghN6DGy8dE2Zqr6fMo0FtDZAs3vUNk3Gel59epVdjfKTUkpGgOHCiWf/D6fnP5MvcZcWYbypVmwUbVCnwPt2exVPBLU3ZAXLcPGZ1uUHZ8J5Oh0Pw7B88lSqa+4Ng+AgY8jHJDG9f70avhrduxNRiqQFMJKETnbOm8cdNCI1ur/rJz6EQOqh0nNe6zCQ0LyCLoCjJQ3YcXsCJRYYFDA8waqAd51Xit7NubKmNR/wtV9stGxoMGi7~4339255~4337716; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:15 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d89",
    "origin; dur\u003d120"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["cd5c5035-d536-4917-b2cd-a61daf7307f3"],"auth_time":1669571588,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669573203,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 18:20:15 SUCCESS
CallUserInfoEndpoint
Got a response from the userinfo endpoint
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK0e951540-67d5-48a1-8432-669e795277f8",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c2816383aa5f3547e381",
  "content-length": "828",
  "date": "Sun, 27 Nov 2022 18:20:15 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:euqa1q9bcisbKm3TOr5dVUUFanF1D3lHRXmROm8rVP4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA967CA1064B29B2258CD27BA7F4AA7E0~-1~YAAQr/nerY7N4HuEAQAAWYVRugjDgW5C2jnwYDv2xPWarE3T254zmxIi5QNgMNc/Ok80A72wJQ6kEDfBt1YeLZ8SSgs0R5jQMkboK+5CSSR3CJsL2M8g+SYwiQTonP6+LzGufSYUUSe3rh3+eiNXdW2Pd0j3nmsnlwHozrohLIyjo7NC0dKJREIbAHsiY9iqscIpWkgpVoWsrnjm5JN9jQ9d0my9Hg1T7QyweywauYxopm1gNt1K7Yg2/S4uefSQRnfmE/BnOGnCOIFie6gfu/Nw9s9A8twJoW00yTZHY6WHv3JWz8KQDdNXKBgAuCb6ECUjhKC1EEsF4sg7rQ/Sk2gpJ7fQtLYw/fGPdGd6YGyTnN816mW3Trqk5/RF6efd/kcuX/0\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:15 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA5ED44B700F67273E1A7D5A16B01776C~YAAQr/nerY/N4HuEAQAAWYVRuhFpS5hkMCI/5El+K7l+YC1/X23nRaUj/pcM9yPRrnCgH2wyghN6DGy8dE2Zqr6fMo0FtDZAs3vUNk3Gel59epVdjfKTUkpGgOHCiWf/D6fnP5MvcZcWYbypVmwUbVCnwPt2exVPBLU3ZAXLcPGZ1uUHZ8J5Oh0Pw7B88lSqa+4Ng+AgY8jHJDG9f70avhrduxNRiqQFMJKETnbOm8cdNCI1ur/rJz6EQOqh0nNe6zCQ0LyCLoCjJQ3YcXsCJRYYFDA8waqAd51Xit7NubKmNR/wtV9stGxoMGi7~4339255~4337716; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:15 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d89",
    "origin; dur\u003d120"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
status_code
{
  "code": 200
}
body
{"acr":"1","address":{"address":{"country":"US","locality":"Los Angeles","postal_code":"90210","region":"CA","street_address":"1234 Hollywood Blvd."},"phone_number":"+1 (310) 123-4567"},"amr":["password"],"aud":["cd5c5035-d536-4917-b2cd-a61daf7307f3"],"auth_time":1669571588,"birthdate":"2022-11-23","email_verified":true,"gender":"Male","iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","locale":"en-US","middle_name":"MiddleName","name":"ISV Dev","nickname":"nickname","phone_number":"123456789","phone_number_verified":true,"picture":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","preferred_username":"isvdev@ibm.com","profile":"End-User","rat":1669573203,"realmName":"cloudIdentityRealm","sub":"6160017N67","updated_at":1669172854,"website":"www.ibm.com","zoneinfo":"America/Los_Angeles"}
2022-11-27 18:20:15 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-27 18:20:15 SUCCESS
ExtractUserInfoFromUserInfoEndpointResponse
Extracted user info
userinfo
{
  "acr": "1",
  "address": {
    "address": {
      "country": "US",
      "locality": "Los Angeles",
      "postal_code": "90210",
      "region": "CA",
      "street_address": "1234 Hollywood Blvd."
    },
    "phone_number": "+1 (310) 123-4567"
  },
  "amr": [
    "password"
  ],
  "aud": [
    "cd5c5035-d536-4917-b2cd-a61daf7307f3"
  ],
  "auth_time": 1669571588,
  "birthdate": "2022-11-23",
  "email_verified": true,
  "gender": "Male",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "locale": "en-US",
  "middle_name": "MiddleName",
  "name": "ISV Dev",
  "nickname": "nickname",
  "phone_number": "123456789",
  "phone_number_verified": true,
  "picture": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "preferred_username": "isvdev@ibm.com",
  "profile": "End-User",
  "rat": 1669573203,
  "realmName": "cloudIdentityRealm",
  "sub": "6160017N67",
  "updated_at": 1669172854,
  "website": "www.ibm.com",
  "zoneinfo": "America/Los_Angeles"
}
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: acr
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: address.address
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: address.phone_number
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
address is a valid object or contains invalid claims
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: amr
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: aud
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: auth_time
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
email_verified is a boolean
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
gender is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: iss
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
locale is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
middle_name is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
name is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
nickname is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
phone_number is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
phone_number_verified is a boolean
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
picture is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
preferred_username is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
profile is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: rat
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
Skipping unknown claim: realmName
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
sub is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
updated_at is a number
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
website is a string with content
2022-11-27 18:20:15
ValidateUserInfoStandardClaims
zoneinfo is a string with content
2022-11-27 18:20:15 SUCCESS
ValidateUserInfoStandardClaims
Userinfo is valid
2022-11-27 18:20:15 SUCCESS
EnsureUserInfoContainsSub
Found sub in userinfo
sub
6160017N67
2022-11-27 18:20:15 SUCCESS
EnsureUserInfoUpdatedAtValid
'updated_at' in userinfo response seems to be a valid time
updated_at
"Nov 23, 2022, 3:07:34 AM"
now
"Nov 27, 2022, 6:20:15 PM"
2022-11-27 18:20:15
EnsureMemberValuesInClaimNameReferenceToMemberNamesInClaimSources
userinfo response does not contain '_claim_names' nor _claim_sources'
2022-11-27 18:20:15 SUCCESS
VerifyUserInfoAndIdTokenInAuthorizationEndpointSameSub
userinfo response and id_token sub are the same
sub_user_info
6160017N67
sub_id_token
6160017N67
2022-11-27 18:20:15 SUCCESS
VerifyUserInfoAndIdTokenInTokenEndpointSameSub
userinfo response and id_token sub are the same
sub_user_info
6160017N67
sub_id_token
6160017N67
2022-11-27 18:20:15 WARNING
VerifyScopesReturnedInUserInfoClaims
'claims' in userinfo doesn't contain all scope items of scope in authorization request(corresponds to scope standard claims)
actual_scope_items
[
  "acr",
  "address",
  "amr",
  "aud",
  "auth_time",
  "birthdate",
  "email_verified",
  "gender",
  "iss",
  "locale",
  "middle_name",
  "name",
  "nickname",
  "phone_number",
  "phone_number_verified",
  "picture",
  "preferred_username",
  "profile",
  "rat",
  "realmName",
  "sub",
  "updated_at",
  "website",
  "zoneinfo"
]
missing_items
[
  "email"
]
expected_scope_items
[
  "sub",
  "email",
  "email_verified"
]
2022-11-27 18:20:15 WARNING
EnsureUserInfoDoesNotContainName
Unexpectedly found name in userinfo response. The conformance suite did not request the 'name' claim is returned and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
name
ISV Dev
2022-11-27 18:20:15 FINISHED
oidcc-scope-email
Test has run to completion
testmodule_result
WARNING
Unregister dynamically registered client
2022-11-27 18:20:15
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/cd5c5035-d536-4917-b2cd-a61daf7307f3
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer KE90S_dbJbLBsSihpxE546m9xUy-dhD62Gjx7i0gGzc.1WOhTX86CSIJx4jq21kMUzgfTuOoWc5TxNi2FeNt7n2zC9xaPNYC8Nre5LHiLA0TQRrDz31L2CojArj3rtfnjQ.M18xNjY5NTczMTUxXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-27 18:20:17 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKc9a97021-8cbb-4984-8cee-f579720161d6",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c2816383aa5f3547e401",
  "date": "Sun, 27 Nov 2022 18:20:17 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:ogxnW/KBn8nmHcAAWIq9pbaYuL8NDGmbEwn/bebZ8os\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dD65F1B3FF0FA3CAE36D50ED7F9C62022~-1~YAAQr/nerbPN4HuEAQAAWYtRugjWDibNWdiTezIZhE8Vmzt3lrY50z9M6lKjMArfjtwYljv5Eebc7ZMdow47ttJ4PsAMDO7DFJDWUjxqoftTpsCOasya4LLGXTRqREyTZIAQ23M7FM5ULCZTnzGSbZgS0ScTZp4OekZf2W1iLYy5IkZvv7OZ1c/qOLtD/wp0iLiuVu0JCUnY3G1ffymxHbbWd3Elu7VxaxMGeTzWKjdaE/y4LVxPnjQiPJkfTF7xf1bWaJmUeN4v9ZbXPMuIw2r9+5dMFnNTtF0FsWOAJ3mf7H7eUCiDhTMYG/eVh0B1EJHMIXiZ8NtGHTUzy4/M/6aM1jkeQyZFG9vAXiK/xRr/o7lJ4mlpp9+67kiI868y+6S7rEY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 27 Nov 2023 18:20:17 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d4B208F2137C5533C17EFEF9C39E65E86~YAAQr/nerbTN4HuEAQAAWYtRuhGcLMaoIoEL1AfRazN1K/P6hWYJdgZUbkWMksJnPcCS6AL3moyDqs0+RtD2obXxp+PDze74EJ7Mr9HujxpFm17F+Fw/0GMpSialfLrkX/vgyR4X5PjR9hCzysLEQkak9u9uJQyPIwBgbrS3kN7Z3MUUjVunUkSu5WDRz9KyWUDlQmleoGpJRunt76P6TgWbcjUkR5cVLKT2regMkCso1PxzodvVrnaWlYbZkcB9kRRqrA+nHEEw+URTfqblEJ/1o8u0fUqk17YPHv8WQDZEMuoCCn8E6iekm9pW~4339255~4337716; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dSun, 27 Nov 2022 22:20:15 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-27 18:20:17 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-27 18:20:29
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
mUWLMkuooIIsD6R
Test Results