Difference in dump for same app in two different tenants

emil.enemaerke · August 25, 2021, 7:44am

Hi

We are having a dev and production tenant that we keeping in sync. When dumping config from both tenants there is a difference in the json file for two identical applications.

From development tenant it looks like:

{
  "is_token_endpoint_ip_header_trusted": false,
  "name": "ClientName",
  "is_first_party": true,
  "oidc_conformant": true,
  "sso_disabled": false,
  "cross_origin_auth": false,
  "refresh_token": {
    "expiration_type": "non-expiring",
    "leeway": 0,
    "infinite_token_lifetime": true,
    "infinite_idle_token_lifetime": true,
    "token_lifetime": 31557600,
    "idle_token_lifetime": 2592000,
    "rotation_type": "non-rotating"
  },
  "jwt_configuration": {
    "alg": "RS256",
    "lifetime_in_seconds": 36000,
    "secret_encoded": false
  },
  "token_endpoint_auth_method": "client_secret_post",
  "app_type": "non_interactive",
  "grant_types": [
    "client_credentials"
  ],
  "custom_login_page_on": true
}

in production it has more information added:

{
  "is_token_endpoint_ip_header_trusted": false,
  "name": "ClientName",
  "is_first_party": true,
  "oidc_conformant": true,
  "sso_disabled": false,
  "cross_origin_auth": false,
  "refresh_token": {
    "expiration_type": "non-expiring",
    "idle_token_lifetime": 2592000,
    "infinite_idle_token_lifetime": true,
    "infinite_token_lifetime": true,
    "leeway": 0,
    "token_lifetime": 31557600,
    "rotation_type": "non-rotating"
  },
  "allowed_clients": [],
  "callbacks": [],
  "native_social_login": {
    "apple": {
      "enabled": false
    },
    "facebook": {
      "enabled": false
    }
  },
  "jwt_configuration": {
    "alg": "RS256",
    "lifetime_in_seconds": 36000,
    "secret_encoded": false
  },
  "client_aliases": [],
  "token_endpoint_auth_method": "client_secret_post",
  "app_type": "non_interactive",
  "grant_types": [
    "client_credentials"

  ],
  "custom_login_page_on": true
}

Comparing in Araxis diff tool:

Why is there a difference in those two dumps when configuration is exactly the same in the GUI? Note that it is only for some of the applications that there is a difference, most of them are similar.

dan.woda · August 26, 2021, 4:37pm

Hi @emil.enemaerke,

Would you please DM me the tenant names and client IDs for the two applications? I would like to take a look.

dan.woda · August 31, 2021, 4:17pm

I was able to recreate the native social login diffs by turning on native social login, then turning it off. This suggests that maybe someon was testing native social login in the application that has the extra params, but ultimately turned those settings off.

Would that be a possible scenario?

emil.enemaerke · September 1, 2021, 6:07am

I can see in our git history that it has been tuned on at some point in time and then turned off again. So your assumption seems correct.

dan.woda · September 1, 2021, 2:57pm

Let us know if you have any other questions.

system · September 16, 2021, 2:58pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.