I’m currently trying to work around some limitation of istio that is not able to do verification of space delimited claims inside a JWT (currently) but instead can do it for an array of strings. Now I’m trying to add a custom claim to my access token with the original scope values being included as an array as a workaround.
According to Context-Object documentation the
context.accessToken.scope should be an array of strings - but when my rule is executed the accessToken is an empty object literal (according to real-time logs extension).
Am I doing something wrong?
Because I’m pretty sure that I read that all rules will be executed after RBAC stuff is done so that rules would be able to override claim values that are provided by enabling RBAC for an API.
My client application is a SPA using the Implicit Grant flow with
response_type: id_token token.
Any help or information is appreciated.