id-token-attributes

id-token-attributes

Use this entry to set a claim from the Id token response which should be included in the credential as an extended attribute.
id-token-attributes = [+|-]<claim>

Description

Multiple rules can be specified by creating additional configuration entries of the same name. When an Id token is received each claim will be evaluated against each rule in sequence until a match is found. The corresponding code (+|-) will then be used to determine whether the claim will be added to the credential or not. If the claim name does not match a configured rule it will by default be added to the credential.
Options

+ That this claim should be added to the credential.
- That this claim should not be added to the credential.
<claim> The corresponding claim name, which can also contain pattern matching characters (i.e. * ?).

Usage: Optional
Default value None.
Example: id-token-attributes = = -email
Parent topic: [oidc:default] stanza

+	That this claim should be added to the credential.
-	That this claim should not be added to the credential.
<claim>	The corresponding claim name, which can also contain pattern matching characters (i.e. * ?).