Unable to understand a thing, I added whatever I see in the documentation. So basically doing for the sake of doing
My basic need is to identify type of user
Now I get 3 - ROLES , PERMISSIONS , SCOPE.
Please can you make my life easy, explaining what is required and their dependency
https://example.com/email: se@gmil.com
http://demozero.net/roles: [“primary”]
azp: ************
permissions: [“view:first”]
scope: openid profile email
https://example.com/email: u@yahk
http://demozero.net/roles: [“super”]
azp: ************
permissions: [“view:first”,“view:second”,“view:third”]
scope: openid profile email view:first view:second view:third
Also is there a better way to get email claim like “email”, than having that namespace , just like other keys like permissions ,scopes, sub, aud, iss, exp, iat ??
Why Script in Rule is required,