1

I've setup oidc-provider for pkce (v7x). When I do the following:

  1. request a code from /auth with response_type='code'
  2. Used the code to get token form /token with grant_type=authorization_code
  3. Receive token as shown:
{
access_token: "a8DM82TgXF-cjlzH8yOjuK6_OF9h_JaYJjSPrAdCRG0"
expires_in: 86400
id_token: "eyJhbGci....FQg"
scope: "openid"
token_type: "Bearer"
}

How can I get node-oidc-provider to return a JWT access_token with claims?

User202202181041
  • 11
  • 1

1 Answers1

1

You shall use the Resource Indicators feature (oidc-provider docs) and request an access token for a particular resource server, in the resource indicators feature the configuration getResourceServerInfo is for validating the resource indicator provided (or defaulted to) in the authorization request. The return value from this getResourceServerInfo helper also defines the access token format (accessTokenFormat property), when the value is jwt the resulting Access Token is, well, a JWT following the JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens.

  • Thank you, that helped allot! For some reason when I add the below to the Provider configuration, I didn't have to set the `accessTokenFormat` explicitly. `formats: { AccessToken(token) { return 'jwt'; } }` – User202202181041 Feb 24 '22 at 16:47
  • 1
    That's no longer the way to do so. Please follow my guidance and use the resource indicators feature to get the best overall results. –  Feb 24 '22 at 16:53
  • When I set `accessTokenFormat: 'jwt'` as you described, it results in the `id_token` being returned as a `jwt` but the `access_token` is still a reference token. Any idea why this is happening? – Jeremy Hewett Dec 01 '22 at 23:28