libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

doc/token-exchange.adoc: issuer claim -> iss claim (#27018)

Browse source 
Fixed a typo in the text.
This commit is contained in:
larsw 2024-03-14 13:37:40 +01:00 committed by GitHub
parent a5634b201c
commit 42244d2a67
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/documentation/securing_apps/topics/token-exchange/token-exchange.adoc
View file

@ -357,7 +357,7 @@ to do this is <<_client_to_client_permission, discussed earlier>> in this sectio
The `subject_token_type` must either be `urn:ietf:params:oauth:token-type:access_token` or `urn:ietf:params:oauth:token-type:jwt`.
If the type is `urn:ietf:params:oauth:token-type:access_token` you specify the `subject_issuer` parameter and it must be the
alias of the configured identity provider. If the type is `urn:ietf:params:oauth:token-type:jwt`, the provider will be matched via
the `issuer` claim within the JWT which must be the alias of the provider, or a registered issuer within the providers configuration.
the `iss` (issuer) claim within the JWT which must be the alias of the provider, or a registered issuer within the providers configuration.
For validation, if the token is an access token, the provider's user info service will be invoked to validate the token. A successful call
will mean that the access token is valid. If the subject token is a JWT and if the provider has signature validation enabled, that will be attempted,