I have set up a WSO2 Identity Server v5.3.0 and got OAuth2 authentication working against it. I have set it up with Google as a federated authenticator.
After following the instructions on wso2 identity server oauth userinfo only returns sub, I get my real email address when querying the userinfo endpoint:
{
  "email": "<my-real-email-address>",
  "sub": "<my-real-email-address>"
}
But after the access token is refreshed I get
{
  "sub": "<my-real-email-address>@carbon.super"
}
So email is gone, and the sub is not correct any more.
How do I set it up so I can still use the userinfo endpoint after the token is refreshed?
It works after token refresh if I turn off the federated authentication and instead use the default authentication built in to WSO2.
Edit: Here is a screenshot of my service provider configuration.