Hello, I am working on POC project and the technologies are angular is UI and Backend APIs are in JAVA. OIDC Client is configured in the Angular to retrieve the ID_token and Access-token and the app receiving the both tokens successfully. when app decodes the id_token everything looks good, but the access token is just having the header and no body. there is no sub in the access token. Can you please let me what could the issue in the access token?
I think you have an opaque access token - this happens when you do not specify an audience. Opaque access tokens are not JWTs and cannot be decoded.
Specify an audience when you call /authorize and you will get an access token back.
Thanks for helping on this one John!