IBM Cloud Identity provides a tool that helps retrieving authenticated user’s session attributes. This is a useful tool for the following purposes:
- Help retrieving user’s credential information for debugging
- Help Cloud Identity application developers figuring out what attributes are available in the credential for attribute mapping in their application
How to retrieve an authenticated session attributes/ user credential info:
- In a browser , open the credential viewer URL https://[your.cloud.identity.tenant.hostname]/ivcreds
- If you don’t already have an authenticated session, it will ask you to log in.
Note: For debugging issue, It is best that you login into a Cloud Identity applications first, then open this URL in a separate tab. It will pick up the authenticated user credential .
- An example of an authenticated credential information is below. Note: You can also download it to a json format file.
As shown in the example, user credential includes the authentication mechanism and types as well as identity source of where the user is coming from. It also contains user credential data such as user name, id, email, and groups that the user belong to if any.
This tool is only for the authenticated user to view their own credential. You can not use this tool to view someone’s else credential. When debugging issue, support can ask the end user to use the tool and download the credential in json file to pass a long in a case.