OpenAM - Use OAuth2 Access Token to get User Detai

Posted 2019-05-31 04:53

Is it possible to get user details (attributes belonging to the resource owner) from ForgeRock's OpenAM using an OAuth 2 access token?

I have a trusted SPA UI that is able to get an access token from OpenAM using the Resource Owner Password Credentials Grant type. However, that access token gives me no information about the resource owner. The token_info endpoint similarly gives me no information.

OpenAM seems to have endpoints for listing user attributes, but expects a JWT as a means of authentication for the request.

How can I get user attributes from an access token?

1 Answer
forever°为你锁心
Reply #2 · 2019-05-31 05:22

There is a userinfo endpoint that will return user attributes. In OpenAM 13.0, the data returned by the endpoint is scriptable. In prior versions it is mapped to scopes.

The sample client application is helpful to understand how this works:

https://github.com/ForgeRock/openid
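
As an added illustration of the answer above (not code from the original post or from ForgeRock), this Python client presents the access token as a Bearer credential to a userinfo endpoint and shows how the returned claims follow the scopes granted to the token. The local stub server, the `/oauth2/userinfo` path, the token values and the scope-to-claim mapping are assumptions constructed for the demo; point `fetch_userinfo` at your own deployment's userinfo URL over HTTPS.

```python
import json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample data: issued tokens (subject, scopes) and claims per scope.
TOKENS = {"tok-profile": ("demo", "openid profile"), "tok-basic": ("demo", "openid")}
SCOPE_CLAIMS = {"profile": {"given_name": "Demo", "family_name": "User"}}
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no env proxy

class StubUserinfo(BaseHTTPRequestHandler):
    """Local stand-in for the userinfo endpoint (not OpenAM itself)."""
    def do_GET(self):
        scheme, _, token = self.headers.get("Authorization", "").partition(" ")
        known = TOKENS.get(token) if scheme == "Bearer" else None
        if self.path != "/oauth2/userinfo" or known is None:
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Bearer error="invalid_token"')
            self.end_headers()
            return
        claims = {"sub": known[0]}
        for scope in known[1].split():  # claims released depend on granted scopes
            claims.update(SCOPE_CLAIMS.get(scope, {}))
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.end_headers()
        self.wfile.write(json.dumps(claims).encode())
    def log_message(self, *args): pass  # keep the demo quiet

def start_stub():
    server = HTTPServer(("127.0.0.1", 0), StubUserinfo)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_port}"

def fetch_userinfo(base_url, access_token):
    """Return the claims for access_token; raise PermissionError if it is rejected."""
    req = urllib.request.Request(base_url + "/oauth2/userinfo",
                                 headers={"Authorization": "Bearer " + access_token})
    try:
        with OPENER.open(req, timeout=5) as resp:
            claims = json.load(resp)
    except urllib.error.HTTPError as err:
        raise PermissionError(err.headers.get("WWW-Authenticate", str(err.code))) from err
    if "sub" not in claims:
        raise ValueError("userinfo response has no 'sub' claim")
    return claims

if __name__ == "__main__":
    server, base = start_stub()
    print(fetch_userinfo(base, "tok-profile"), fetch_userinfo(base, "tok-basic"))
    server.shutdown()
```

The token travels in the `Authorization` header rather than the query string, which keeps it out of URLs that end up in access logs and browser history.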
