IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

How to add the claim "exp" (expiration date of access token) to /userinfo endpoint

  • 1.  How to add the claim "exp" (expiration date of access token) to /userinfo endpoint

    Posted 14 hours ago
    Edited by Thomas Renner 13 hours ago

    Hi all, 

    is it possible to add the expiration date from an access token to the /userinfo endpoint? We are using an OIDC authorization code flow. 
    At the moment there are only customized claims which I added to the OIDCPostTokenMappingRule by calling an /userinfo endpoint 
    Example Request example.host/mga/sps/oauth/oauth20/userinfo?access_token=5ehzHk17laba9TgjFCps
    Example Output:

    {"sub":"MUSTERM","gid":"123456","x-auth-level":"30","given_name":"Max","family_name":"Mustermann","email":"max@company.de"}

    Now I would like to have an additonal claim "exp", with the value of expiration date from access token.

    By parsing the id_token from /token endpoint I will get the value of expiration date from id_token in the claim "exp" out of the box (standard claim). 

    Any idea where to add this coding in the OIDCPostTokenMappingRule for getting the expiration date of access token on /userinfo as well?



    ------------------------------
    Thomas Renner
    ------------------------------



Related Content