Dba SP
5 Jun 2023, 10:57:31 am
to WildFly
Hello all,
I am using wildfly elytron oidc to secure our resource server with a bearer token. While using keycloak as oidc provider everything works fine, however if we configure elytron to check tokens against an AzureAD app, the validation of the token fails. It fails because of org.wildfly.security.http.oidc.TokenValidator.TypeValidator: This validator expects that the access token has a claim named "typ" with the content "Bearer". While keycloak puts this claim into its token, AzureAD does not (and as far as I know, it is not possible to put this claim into an AzureAD token).
I could not find anything about a mandatory claim "typ" in the oidc, so the type claim seems to be keycloak related?
Is there any way to turn this validation off, so that tokens without this claim can be used successfully?
(Or are we doing something completely wrong?)
I would appreciate any hint :)
(used versions of elytron: 2.0.0 and 2.2.0)
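
To confirm which tokens carry the claim described in the post above, the following added example (not part of the original post and not Elytron's code) decodes a compact JWT without verifying it and reports the `typ` header parameter separately from the `typ` payload claim. The sample tokens, issuer URLs and the exact-match comparison are assumptions constructed for illustration.

```python
import base64
import json


def decode_segment(segment):
    """Decode one base64url JWT segment (JWTs strip the padding) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def inspect_typ(token, expected="Bearer"):
    """Report header/payload 'typ' and whether the payload check would pass.

    No signature verification is done: diagnosis only, never authorization.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    header, payload = decode_segment(parts[0]), decode_segment(parts[1])
    claim = payload.get("typ")
    return {
        "header_typ": header.get("typ"),  # JOSE header parameter, usually "JWT"
        "payload_typ": claim,             # the claim the post says is validated
        "passes": claim == expected,      # exact match is an assumption
    }


def make_token(header, payload):
    """Build a constructed, unsigned sample token (dummy signature segment)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc(header)}.{enc(payload)}.c2ln"


# Constructed samples: issuer values are placeholders, not real realms/tenants.
KEYCLOAK_STYLE = make_token(
    {"alg": "RS256", "typ": "JWT"},
    {"iss": "https://idp.example/realms/demo", "typ": "Bearer", "sub": "u1"})
AZURE_STYLE = make_token(
    {"alg": "RS256", "typ": "JWT"},
    {"iss": "https://login.example/tenant-placeholder/v2.0", "sub": "u1"})

if __name__ == "__main__":
    for name, tok in (("keycloak-style", KEYCLOAK_STYLE),
                      ("azure-style", AZURE_STYLE)):
        print(name, inspect_typ(tok))
```

Both samples carry `"typ": "JWT"` in the header, so only the payload claim distinguishes them.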