Openid Connect
OpenId Connect guide
Workflow:
- applicationRedirectUrl = http://134.60.64.132/activiti-webapp-explorer2/ui/callback#access_token=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsiY2xvdWRzb2NrZXQiXSwidXNlcl9uYW1lIjoiY3NkZW1vIiwic2NvcGUiOlsib3BlbmlkIl0sImlkX3Rva2VuIjoiZXlKaGJHY2lPaUpTVXpJMU5pSjkuZXlKcGMzTWlPaUpvZEhSd2N6b3ZMMmxrY0M1NWJXVnVjeTVqYjIwaUxDSmhkV1FpT2lKaGRHOXpJaXdpWVhwd0lqb2lZWFJ2Y3lJc0luTjFZaUk2SW1OelpHVnRieUlzSW01dmJtTmxJanB1ZFd4c0xDSmhkWFJvWDNScGJXVWlPakV1TkRjek56WTJNakkyUlRrc0ltbGhkQ0k2TVM0ME56TTNOall5TWpaRk9Td2laWGh3SWpveExqUTNNemd3T1RReU5VVTVMQ0p0WVhoZllXZGxJam8yTURBd01Dd2ljbTlzWlhNaU9sc2lZV1J0YVc0aVhYMC5ZY2JNdGhnandlOGY1ZHlkTUVpUlV1NXRla2hvU1JkSjdUcFhpN1dnTWE4emlwZE1Eczlra3VHUU9fYVFiSEZEdmZHTUVucVRGeTZUeVp3RUk5YmtjM3hJeXo1OTVpRUEwSGlQUmNIOUtoYnpWRUdRRzAtZ1RUS2ptckhzTENNRFRiNEotVzBucURkY2o5V0xtUE55YnhOdk9XS2t5VmdlR2NRZzRvOXBWOUR1VUJWY3RINC15SXh3aDRvUFo1bU91OHNrN0ZaWHd0QUl2Y3RwTGoyTl9tdy1mQUdaN3NLZ1A2N1lna3hOb1N3ZzY1VEFMT1Y5S1g3eFF5T0hwbG0zbXJld3BVcnZ2ay1VandSazljaDI1M29SRF9wNjhvaXRDUy1sYmVGeVM0V3ZucFppcGM5R2JEVEkzV0g1UEVNbTlscmR2enhORDFtZzdodS1IVS1UN0EiLCJleHAiOjE0NzM4MDk0MjUsImF1dGhvcml0aWVzIjpbImFkbWluIl0sImp0aSI6ImU2NjMyNTFjLTE3NTItNGQ5OC04MDBlLTI0NDQ0MTVmMGI3OCIsImNsaWVudF9pZCI6ImF0b3MifQ.COCWgMdHPRDXe-dAbhHYKRlljknAgGYQp_bLKEYARJ-1wdGy2X-58U2eWQGGoPtyg7a3u1Ao2k3r5sPBkMT3QHmPNdL9RWPI_V5Jaa2UU2Tuhfd-uFP2opHC2Hdmiwh0yxl88kKP0IJOIyUvTlg6F9uLKaLjzd8dZOl6xDblJXDeceXhycWN31G-zbJp2nLp5didMrKvBzNNBJzmbsZ-kFveqi9ykxzu0Eawe_GHKZJ-nDgJ-Z-psDgcwtfHFtmWYy6G44EhkU2V9YDVOSHPqOWBtTHB6IHqxhN8bHzdrxtG2u_qeBk5BE_iLqRyQr679_QMIsH6wPC8XeE8ufNSdg&token_type=bearer&state=&expires_in=43199&id_token=eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2lkcC55bWVucy5jb20iLCJhdWQiOiJhdG9zIiwiYXpwIjoiYXRvcyIsInN1YiI6ImNzZGVtbyIsIm5vbmNlIjpudWxsLCJhdXRoX3RpbWUiOjEuNDczNzY2MjI2RTksImlhdCI6MS40NzM3NjYyMjZFOSwiZXhwIjoxLjQ3MzgwOTQyNUU5LCJtYXhfYWdlIjo2MDAwMCwicm9sZXMiOlsiYWRtaW4iXX0.YcbMthgjwe8f5dydMEiRUu5tekhoSRdJ7TpXi7WgMa8zipdMDs9kkuGQO_aQbHFDvfGMEnqTFy6TyZwEI9bkc3xIyz595iEA0HiPRcH9KhbzVEGQG0-gTTKjmrHsLCMDTb4J-W0nqDdcj9WLmPNybxNvOWKkyVgeGcQg4o9pV9DuUBVctH4-yIxwh4oPZ5mOu8sk7FZXwtAIvctpLj2N_mw-fAGZ7sKgP67YgkxNoSwg65TALOV9KX7xQyOHplm3mrewpUrvvk-UjwRk9ch253oRD_p68oitCS-lbeFyS4WvnpZipc9GbDTI3WH5PEMm9lrdvzxND1mg7hu-HU-T7A&jti=e663251c-1752-4d98-800e-2444415f0b78
- access_token parameter can be decoded using publicKey. You can use https://jwt.io/
- example of decoded access_token: {
"aud": [ "cloudsocket" ], "user_name": "csdemo", "scope": [ "openid" ], "id_token": "eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2lkcC55bWVucy5jb20iLCJhdWQiOiJhdG9zIiwiYXpwIjoiYXRvcyIsInN1YiI6ImNzZGVtbyIsIm5vbmNlIjpudWxsLCJhdXRoX3RpbWUiOjEuNDczNzY2MjI2RTksImlhdCI6MS40NzM3NjYyMjZFOSwiZXhwIjoxLjQ3MzgwOTQyNUU5LCJtYXhfYWdlIjo2MDAwMCwicm9sZXMiOlsiYWRtaW4iXX0.YcbMthgjwe8f5dydMEiRUu5tekhoSRdJ7TpXi7WgMa8zipdMDs9kkuGQO_aQbHFDvfGMEnqTFy6TyZwEI9bkc3xIyz595iEA0HiPRcH9KhbzVEGQG0-gTTKjmrHsLCMDTb4J-W0nqDdcj9WLmPNybxNvOWKkyVgeGcQg4o9pV9DuUBVctH4-yIxwh4oPZ5mOu8sk7FZXwtAIvctpLj2N_mw-fAGZ7sKgP67YgkxNoSwg65TALOV9KX7xQyOHplm3mrewpUrvvk-UjwRk9ch253oRD_p68oitCS-lbeFyS4WvnpZipc9GbDTI3WH5PEMm9lrdvzxND1mg7hu-HU-T7A", "exp": 1473809425, "authorities": [ "admin" ], "jti": "e663251c-1752-4d98-800e-2444415f0b78", "client_id": "atos"
- id_token field of access_token can be decoded too;
- example of decoded id_token:
"iss": "https://idp.ymens.com", "aud": "atos", "azp": "atos", "sub": "csdemo", "nonce": null, "auth_time": 1473766226, "iat": 1473766226, "exp": 1473809425, "max_age": 60000, "roles": [ "admin" ]
- publicKey = -----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UEDg+Gg5VStt5MF+DYJraw7nv8Bkn5uOyDVBgVraM5E5tX4lQaIo9MBjK/KA4HhI0jxJTLUocos31NwfYhXsJ45SwaNA/ZkiGGx8On8bAeg/ggY3JcbXLe3EKkAtxRi35bJnfQP34f2+xcZdeBpyx2XQHB+iMfQ9fQo3n/mXrbkpjCOghWDMXepVWAeBs3ERAa7OLcZcni8mXTqzeTWjnjoiVDw5ClezTTkOgM8t4HwhRy8AbzhNNgv0bbOBfTf3LWeXMbCz1IFCtKgqi1bTiVE5dX6ylEpwWcZcObc+DbgAIhPibqzjXW0rArzRCSmxAEh22VHONuLyD0V+Wtj6QIDAQAB-----END PUBLIC KEY-----
- you can get more information from: http://openid.net/connect/
Funding Partners
Horizon 2020