WSO2 Identity Server - Get Tenant ID in JWT

Question

Refer to this link I can add Tenant Domain Name information to our JWT token in sub like username@carbon.super

But I need a way to put Tenand ID info in JWT like a claim. How can I do this for IS 5.10.0 ?

Answer 1

It is not supported by IS OOTB. But you can write a custom claim provider sample and deploy it into the Identity Server. Refer this sample to know how to write a custom claim provider. https://github.com/wso2/samples-is/tree/master/etc/custom-claim-provider.

if it is authorizationcode grant or refresh token grant flow, Refer this implementation https://github.com/wso2/samples-is/blob/master/etc/custom-claim-provider/src/main/java/org/wso2/carbon/identity/custom/claim/provider/CustomClaimProvider.java#L57 and

additionalClaims.put("tenantName", oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getTenantDomain());
additionalClaims.put("tenantId", OAuth2Util.getTenantId(oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getTenantDomain()));

If it is an implicit granttype or hybrid flow, then refer this and https://github.com/wso2/samples-is/blob/master/etc/custom-claim-provider/src/main/java/org/wso2/carbon/identity/custom/claim/provider/CustomClaimProvider.java#L44

 additionalClaims.put("tenantName", oAuthAuthzReqMessageContext.getTenantDomain());
 additionalClaims.put("tenantId", OAuth2Util.getTenantId(oAuthAuthzReqMessageContext.getTenantDomain()));