Showing posts from July, 2018

OIDC Scope claim Mapping in IS 5.7.0

In previous WSO2 IS versions, the OIDC scope-claim mapping was maintained at the registry level. From IS 5.7.0, this mapping is persisted in the DB layer.

How does OIDC scope-claim mapping work?

The file oidc-scope-config.xml, located in {product_home}/repository/conf/identity, contains the default OIDC scope-claim mappings. On the very first server startup, the scopes and claims defined in this file are stored in the DB, and the same data is displayed in the management console UI. On tenant creation, the data defined in this file is likewise stored in the DB against the tenant ID. After the very first server startup and the tenant creation, changes made to oidc-scope-config.xml will not take effect. Adding, removing and editing OIDC scopes should therefore be done through the management console UI.

OIDC Scope-Claim Mapping UI

In the management console, the 'OIDC Scopes' section can be seen under the 'Manage' collapsing panel, as below.