When initially setting up an OpenID configuration in TIBCO Spotfire, it can be useful to see what claims and their values can be found in the JWT (JSON Web Token / ID Token) that is retrieved by Spotfire.
This can aid in debugging and ensuring the correct configuration is applied.
The following procedure works in Spotfire Server 11.4 and greater.
Procedure
Note: the config command is located in <INSTALLATION ROOT>/tomcat/spotfire-bin
1) On the spotfire server export the server configuration (Linux users use config.sh)config.bat export-config
2) This will export the current configuration to a file called configuration.xml. Enable claims logging in this file:config.bat set-config-prop -n security.oidc.log-claim-values -v true
3) Import the config into the Spotfire databaseconfig.bat import-config -c "Enabled OpenID claims logging" configuration.xml
4) Restart the spotfire service.
Once implemented, log file entries will be displayed at INFO level, DEBUG is not necessary.
The logs will show what claims are available in the OpenID token and their values. A sample output looks like below.INFO 2022-08-25T09:41:03,887+0000 [unknown, #B-28, #189] auth.oidc.OidcAuthenticator: Claims available in the ID Token: {sub=jsmith, aud=[000afa31-8b8c-12a3-a721-1aaa9e750000], auth_time=1661420463, iss=https://idp.example.com/auth/, name=John Smith, exp=2022-08-25T10:41:03.000+0000, iat=2022-08-25T09:41:03.000+0000, nonce=a5j5aj65c16f3034p21khlkh9o, email=John.Smith@example.com}
Comments
0 comments
Please sign in to leave a comment.