Client credentials data to custom claims

Client credentials may not work for this.

I want to use client credentials to communicate between services and internal companies.

I would like the service requesting the token to be able to pass data that would become claims like the data in a SAML flow but without the cert, taking advantage of the OIDC simplicity.

Is there a way to pass data to the token endpoint and have that become a custom claim that is part of the JWT?

Is there a way to pass data to the token endpoint and have that become a custom claim that is part of the JWT?

No. But you could store custom attributes for your users in Okta and include that information in your tokens.

Because it’s a client credential flow, there isn’t a user context.

If you have the ability to create custom Authorization Servers, you can set it up to include whatever custom claims you want. However, it doesn’t support getting arbitrary data from the incoming request and putting that in a token.

I am looking to implement a similar thing with the client credentials flow. A unique ID will be sent in the request and that should be included as a custom claim in the token.

Can you suggest any other approach for such a requirement?

Thanks

You likely want to check out the technique outlined in this article, about how to add static claims to tokens issued to service applications.
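The static-claims idea from the replies above, as an added sketch that is not part of the thread and is not Okta's code or API: a generic client credentials token handler that takes claims only from what an administrator registered for the authenticated client and ignores any extra fields in the request. The registry, key, claim names and function names are all constructed for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"demo-signing-key-constructed"  # constructed; real servers sign with an asymmetric key

# Constructed registry: static claims are set per service application by an admin,
# never by the caller.
CLIENTS = {
    "billing-svc": {"secret": "s3cr3t-billing", "static_claims": {"partner_id": "acme-001"}},
    "reports-svc": {"secret": "s3cr3t-reports", "static_claims": {"partner_id": "globex-042"}},
}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SIGNING_KEY, signing_input.encode(), hashlib.sha256).digest())

def issue_token(form: dict, now=None) -> str:
    """Hypothetical handler for a client_credentials token request."""
    client = CLIENTS.get(form.get("client_id", ""))
    supplied = form.get("client_secret", "")
    if (form.get("grant_type") != "client_credentials" or client is None
            or not hmac.compare_digest(client["secret"].encode(), supplied.encode())):
        raise PermissionError("invalid_client")
    now = int(time.time() if now is None else now)
    # Claims come from the registry; any other request fields are dropped, and
    # registered claims cannot override sub/iat/exp.
    claims = {**client["static_claims"],
              "sub": form["client_id"], "iat": now, "exp": now + 3600}
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps(claims).encode())
    return f"{header}.{payload}.{_sign(header + '.' + payload)}"

def verify_token(token: str) -> dict:
    """Resource-server side: check signature and expiry, then return the claims."""
    header, payload, sig = token.split(".")
    if not hmac.compare_digest(_sign(f"{header}.{payload}"), sig):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if claims["exp"] <= time.time():
        raise ValueError("expired")
    return claims
```

Because the claim value is bound to the authenticated client, a service cannot present itself as another partner by putting a different `partner_id` in its request.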

Did you finally find an approach for that purpose?
