When a response_type parameter contains id_token

Overview
Detail

Overview

When the response_type parameter of an authorization request contains** id_token in its value, the scope** parameter of the request must contains openid in its value.

Detail

When calling the Authlete /auth/authorization API, if the response_type in the parameters contains id_token, please make the** scope** parameter contains openid in its value. Otherwise, the API will return the response like below.

{
    "type": "authorizationResponse",
    "resultCode": "A004302",
    "resultMessage": "[A004302] The value of 'response_type' (id_token) is not allowed when 'scope' does not contain 'openid'.",
    "action": "BAD_REQUEST",
    "client": ...
}

Generating encrypted ID tokens Custom header claims in ID tokens

Client Management

Client Authentication

Scopes & Consent

Authorization Requests

Token Issuance & Formats

Token Lifecycle & Policies

Token Introspection & Validation

Identity Endpoints

Verifiable Credentials

Error Handling & Debugging

Security

When a response_type parameter contains id_token

Overview

Detail

Client Management

Client Authentication

Scopes & Consent

Authorization Requests

Token Issuance & Formats

Token Lifecycle & Policies

Token Introspection & Validation

Identity Endpoints

Verifiable Credentials

Error Handling & Debugging

Security

​Overview

​Detail

Overview

Detail