Skip to content
This repository has been archived by the owner on Apr 2, 2019. It is now read-only.

Support access tokens in JWT format #101

Open
leplatrem opened this issue Jan 31, 2018 · 0 comments
Open

Support access tokens in JWT format #101

leplatrem opened this issue Jan 31, 2018 · 0 comments
Assignees
@leplatrem
Labels
P1
Milestone
v1.1

Comments

@leplatrem
Copy link
Collaborator

According to this:
https://auth0.com/docs/tokens/access-token#access-token-format

  • If the audience is set to YOUR_AUTH0_DOMAIN/userinfo, then the access token will be an opaque string.
  • If the audience is set to the unique identifier of a custom API, then the access token will be a JSON Web Token (JWT).

When the audience is set to a custom API and the scope parameter includes the openid value, then the generated access token will be a JWT valid for both retrieving the user's profile and for accessing the custom API. The audience parameter of this JWT will include two values: YOUR_AUTH0_DOMAIN/userinfo and your custom API's unique identifier.

Currently, in Doorman's codebase and documentation we only considered Access token opaque strings and JWT ID tokens. We should consider JWT Access tokens too.
@leplatrem leplatrem added the P1 label Jan 31, 2018
@leplatrem leplatrem self-assigned this Jan 31, 2018
@leplatrem leplatrem added this to the v1.1 milestone Feb 15, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@leplatrem leplatrem

Labels
P1
Projects
None yet
Milestone
v1.1
Development

No branches or pull requests
1 participant
@leplatrem