All docs
This doc
This section provides information about the expected requests and the relevant responses that the WSO2 Identity Server would generate for the OpenID Connect Implicit Client flow.
Note: The nonce value is a mandatory parameter and it is not provided, you will not receive an Id Token.
{"auth_time":1453184484,"exp":1453188084,"sub":"[email protected]","azp":"W2OoSxQDCVrBk1lnffo1NGCKZbQa","at_hash":"DoxjyXzmrL6Z_kWRzmBdCA","nonce":"abc","aud":["W2OoSxQDCVrBk1lnffo1NGCKZbQa"],"iss":"https:\/\/playground.local:9443\/oauth2\/token","iat":1453184484}
The Id Token does not contain the at_hash
value because no access token is generated and an access token is required to calculate the at_hash
value.
Note: The access token and the IDToken are both returned to the client.