Closed
Description
Background:
-
Current NJS implementation disregard the
access_token
that is being sent by the IdP and only uses theid_token
to get stored in the NGINX Plus K/V store. -
Token Recommandation
When Using Do Don't ID Token - Assume the user is authenticated - Call an API - Get user profile data - Check if the client is allowed to access something. Access Token - Call an API - Inspect its content on the client - Check if the client is allowed to access something - Inspect its content on the server side
Acceptance Criteria:
- Enhance the NJS Code to capture the
access_token
sent by the IdP. - Store the
access_token
in the k/v store as same as we storeid_token
andrefresh_token
Compatibility:
- This issue will not block the existing features as there would be no change of variables, and this is just to add features.
Metadata
Metadata
Assignees
Labels
No labels