Use third party oauth2 token generated at user authentication, for REST action in Flow

sylvain_g · ‎10-04-2023

sylvain_g · ‎10-04-2023

Sorry, here is the detail : Is it possible to use the oauth2 token generated at user authentication , in a REST action in a Form that hab been instanciated by the user , via a request in service catalog? The third party I would like to call in the flow, via a REST Action is also federated with the same third party IDP and should understand the token.

If it is possible, what are the big step to do that?

I suppose I should run the flow as the user, but how can I get the user token to pass it to my partner application via Rest Action?

Randheer Singh · ‎10-06-2023

Currently, we do not store the token received as part of the OIDC login flow.
With customization, you can achieve your desired flow.

An Important point to note is that the 3rd party system that will accept this ID token should also have the same client ID. Otherwise, the audience restriction validation will fail while validating the token.

sylvain_g · ‎10-06-2023

Could you give me an example of the customization to do to get the access_token at OIDC login flow ?

And how could it be used in the flow ?

Thank you.