JWT with array to client-principal

Posted by BartMille on 12-Dec-2018 14:30

Is it possible to export a JWT claim to a CP-property if the contains an array?

In my case, the roles are stored in an array. I can't create a property containing the roles.

JWT extract:

....

 "scope": [
 "admin",
 "user"
],

....

If i try to assign the claim "scope" to the roles-property in a CP, the PASOE throws an error.

All Replies

Posted by Michael Jacobs on 12-Dec-2018 17:46

This looks like a bug.

In general all of the token's claims are propagated as CP properties except those that are mapped to the user-id and scope.  

Did you turn off the mapping of scope to Roles and see that the scope claim did not appear as a CP property?

Posted by BartMille on 13-Dec-2018 16:13

Yes I did. It didn't throw an error anymore.But it still wasn't there in the properties.

I also converted another property to an array to see what happened. It simply disappeared from the properties.

As a workaround we could pass the roles in a comma separated string, but that's not ideal.

Using 117.3 btw. Both on Windows & Ubuntu

Posted by BartMille on 14-Jan-2019 15:09

Michael,

Do you have any idea why this is happening?

The problem is getting worse, since more & more array are being passed into the JWT token.

For example the 'audience' property also cannot be read once it contains an array instead of just a single string

My last remark was wrong. No problem with audience. I misinterpreted the error message.

This thread is closed