When a response_type parameter contains id_token
Overview
When the response_type parameter of an authorization request contains id_token in its value, the scope parameter of the request must contain openid in its value.
Detail
When calling the Authlete /auth/authorization API, if the response_type in the parameters contains id_token, make sure the scope parameter contains openid in its value.
Otherwise, the API will return a response like the one below.
{
  "type": "authorizationResponse",
  "resultCode": "A004302",
  "resultMessage": "[A004302] The value of 'response_type' (id_token) is not allowed when 'scope' does not contain 'openid'.",
  "action": "BAD_REQUEST",
  "client": ...
}
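A pre-flight check for this rule, as an added example (not Authlete's code and not part of the original article). The function names and the sample requests are constructed for illustration, and the /auth/authorization API remains the authoritative check.

```python
from urllib.parse import parse_qs


def _tokens(params, name):
    """Collect the space-delimited tokens of a request parameter.

    OAuth 2.0 defines both response_type and scope as space-delimited
    lists, so membership is tested per token, never by substring.
    """
    return set(" ".join(params.get(name, [])).split())


def satisfies_id_token_rule(query):
    """Return False when response_type contains id_token but scope lacks openid.

    `query` is the raw query string of an authorization request, the same
    form that is passed to /auth/authorization as its request parameters.
    parse_qs decodes both '+' and '%20' as the space separator.
    """
    params = parse_qs(query, keep_blank_values=True)
    wants_id_token = "id_token" in _tokens(params, "response_type")
    has_openid = "openid" in _tokens(params, "scope")
    return has_openid or not wants_id_token


# Constructed sample requests (CLIENT_ID is a placeholder).
SAMPLES = [
    "response_type=code&client_id=CLIENT_ID&scope=profile",
    "response_type=id_token&client_id=CLIENT_ID&scope=profile",
    "response_type=code+id_token&client_id=CLIENT_ID&scope=openid%20profile",
    "response_type=id_token+token&client_id=CLIENT_ID",
    "response_type=id_token&client_id=CLIENT_ID&scope=openid_connect",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict = "ok" if satisfies_id_token_rule(sample) else "would be rejected"
        print(f"{verdict}: {sample}")
```
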