exp value not being validated on authorization endpoint #8464

ranierimazili · 2021-09-23T12:42:06Z

ranierimazili
Sep 23, 2021

Hello,

when using a JWE on request query parameter, the exp value isn't being validated. I've created a request object with an old value for exp attribute, but the authorization endpoint is still returning the code and id_token instead of 401 http status.
Is this the expected behavior?

P.S: It's validating only the redirect_uri inside the request object

Answered by ranierimazili

Sep 23, 2021

Forgot to add new policy on realm using fapi1-advanced profile... after that it's working now.

View full answer

ranierimazili · 2021-09-23T16:18:58Z

ranierimazili
Sep 23, 2021
Author

Forgot to add new policy on realm using fapi1-advanced profile... after that it's working now.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

exp value not being validated on authorization endpoint #8464

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

exp value not being validated on authorization endpoint #8464

Uh oh!

Uh oh!

ranierimazili Sep 23, 2021

Replies: 1 comment

Uh oh!

ranierimazili Sep 23, 2021 Author

ranierimazili
Sep 23, 2021

ranierimazili
Sep 23, 2021
Author