Jan Gertgens
Reputation: 1
Entra ID App Registration no Roles in Token object with elytron-oicde-client
We have the problem that with Microsoft Entra ID in conjunction with an app registration and the JBoss Elytron OIDC client, the roles are not available in JBoss.
We were able to identify the problem. It is related to the scope. An app registration requires the specification of the API scope so that the roles are included in the access token. The scope cannot be passed with the Elytron OIDC client. Does anyone know another solution in conjunction with JBoss EAP 7.4 to obtain the roles using the Elytron OIDC client?
Upvotes: 0
Views: 14
Answers (0)
Related Questions
- Entra ID - Adding actor claim to the token via client credential flow
- Verify token from Microsoft Entra ID fails?
- Missing application-http-authentication in JBoss EAP 7.4 standalone.xml which uses ApplicationDomain
- EAP 7: Server-to-server remote EJB & Elytron config
- Elytron programmatic login with FORM authentication
- OpenID Connect JWT token verification and usage strategy for backend api - jwks or session?
- Azure MSAL - Authentication cannot realize userinfo request
- Need to exclude apache httpcomponent from jboss 6.4 module