You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the issue:
When the session extended endpoint is enable and the token binding is set to SSO session, isk attribute will be returned in the id token. If the users attributes are updated and the token is refreshed (using refresh token grant), isk claim will be removed from the id token. Since the session is not revoked, the isk claim should return when the token is refreshed.
How to reproduce:
Enable session extended endpoint
Create a service provider and enable SSO session binding
Get an access token with openid scope
Update the user attribute from the mgt console
Refresh the access token
ISK claim will be removed in the new id token
Expected behavior:
isk attribute should not be removed when the user attributes are changed.
Describe the issue:
When the session extended endpoint is enable and the token binding is set to SSO session, isk attribute will be returned in the id token. If the users attributes are updated and the token is refreshed (using refresh token grant), isk claim will be removed from the id token. Since the session is not revoked, the isk claim should return when the token is refreshed.
How to reproduce:
Expected behavior:
isk attribute should not be removed when the user attributes are changed.
Environment information:
[1] - https://is.docs.wso2.com/en/5.11.0/develop/idp-session-extender-endpoint/#identity-provider-session-extending-api
The text was updated successfully, but these errors were encountered: