Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-3219

WellKnown endpoint doesn't support claims_supported

    XMLWordPrintable

Details

    • Feature Request
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Done
    • 2.0.0.CR1
    • 2.1.0.CR1
    • OIDC
    • None

    Description

      There is no support for claims query parameter and the well-known endpoint doesn't provide claims_supported.

      In OIDC discovery http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata is specified this :

      claims_supported
          RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the 
      OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this 
      might not be an exhaustive list. 
      

      So it's not REQUIRED per specs, however there is still 1 failing test from conformance testsuite because of this. Details in attachement.

      We can possibly also add some other claim related stuff to WellKnown endpoint (support for "claim_types_supported" should be easy as we support just "normal" . Support for "claims_parameter_supported" might be more tricky (in case we want to use "true" ), however it seems that we will need to support "claims" parameter to support some other tests from OIDC conformance testsuite without FAILURE or WARNING.

      Attachments

        Issue Links

          Activity

            People

              mposolda@redhat.com Marek Posolda
              mposolda@redhat.com Marek Posolda
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: