IDP server does not return a new id_token using the grant_type=refresh_token

  • 7025223
  • 29-Jul-2021
  • 29-Jul-2021

Environment


  • Access Manager 4.4.x
  • Access Manager 5.0.x

Situation

An OpenID application requires a new "id_token" to be returned when it sends a token request with the long-lived refresh_token:

POST /nidp/oauth/nam/token HTTP/1.1
Content-Length: 2129
Content-Type: application/x-www-form-urlencoded
Host: idpa.kgast.nam.com:8443

grant_type=refresh_token&refresh_token=ey*******&scope=openid+Gast

The response contains a new access token but no "id_token", and the "openid" scope is missing from the returned scope:

{
"access_token": "ey**********",
"token_type": "bearer",
"expires_in": 3599,
"scope": "Gast"
}

Resolution

An enhancement request has been added to the ideas portal. If you require this functionality, you can vote for it at: https://community.microfocus.com/cyberres/accessmanager/i/accmanideas/return-an-openid-token-using-grant_type-refresh_token-requesing-a-new-oauth-access-token-using-the-refresh-token

Cause

Access Manager does not support returning an "id_token" using a refresh_token.
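
A client can detect this condition after each refresh instead of assuming an "id_token" is present. The following is an added example, not code from the original article or from Access Manager: the function and field names are hypothetical, and the sample request and response are constructed to mirror the exchange in the Situation section, with placeholder token values.

```python
import json
from dataclasses import dataclass
from urllib.parse import parse_qs


@dataclass
class RefreshCheck:
    requested: set          # scopes sent in the refresh request
    granted: set            # scopes the token endpoint says it granted
    dropped: set            # requested but not granted
    id_token_returned: bool
    id_token_missing: bool  # "openid" was requested but no id_token came back


def check_refresh_response(request_body: str, response_body: str) -> RefreshCheck:
    """Compare a refresh_token grant request with the token endpoint's JSON reply."""
    form = parse_qs(request_body)  # decodes "openid+Gast" to "openid Gast"
    if form.get("grant_type") != ["refresh_token"]:
        raise ValueError("not a refresh_token grant request")
    requested = set(form.get("scope", [""])[0].split())

    resp = json.loads(response_body)
    if "error" in resp:
        raise ValueError(f"token endpoint error: {resp['error']}")
    # RFC 6749 section 5.1: "scope" may be omitted when identical to the request.
    granted = set(resp["scope"].split()) if "scope" in resp else set(requested)

    has_id_token = bool(resp.get("id_token"))
    return RefreshCheck(
        requested=requested,
        granted=granted,
        dropped=requested - granted,
        id_token_returned=has_id_token,
        id_token_missing="openid" in requested and not has_id_token,
    )


# Constructed sample mirroring the exchange above (token values are placeholders).
SAMPLE_REQUEST = "grant_type=refresh_token&refresh_token=PLACEHOLDER&scope=openid+Gast"
SAMPLE_RESPONSE = json.dumps(
    {"access_token": "PLACEHOLDER", "token_type": "bearer", "expires_in": 3599, "scope": "Gast"}
)

if __name__ == "__main__":
    print(check_refresh_response(SAMPLE_REQUEST, SAMPLE_RESPONSE))
```

When id_token_missing is true, the application has to keep working with the "id_token" from the original login or start a new authentication request to obtain a fresh one.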