Security – Pubci World

November 14, 2016

How to create a self-signed SSL certificate for multiple domains

Domain names could contain multiple sub domains. For an example, esb.dev.abc.com and test.api.dev.abc.com are belong to the same organization. Wildcard certificate *.dev.abc.com covers only the esb.dev.abc.com and it does not cover test.api.dev.abc.com. This wildcard certificate does not support if there are multiple dots (.) after the .dev.abc.com. We can add multiple DNS alternative names to … Continue reading How to create a self-signed SSL certificate for multiple domains

June 19, 2016June 19, 2016

Customize ID Token in OpenID in WSO2 Identity Server 5.0.0 with Claims

Based on the user’s requirement he may need to customize the ID token. Once you decode the default ID token, it looks like as follows. What we are going to do is add new key value pairs to the following using claims. { “exp”: -677328449, “azp”: “asdbUY31SEQtDpCi7aCsZSj96P0a”, “sub”: “admin@carbon.super”, “aud”: “asdbUY31SEQtDpCi7aCsZSj96P0a”, “iss”: “https:\/\/localhost:9443\/oauth2endpoints\/token”, “iat”: -680928449 … Continue reading Customize ID Token in OpenID in WSO2 Identity Server 5.0.0 with Claims

June 19, 2016June 19, 2016

ID Token in OpenID in WSO2 Identity Server 5.1.0

ID Token is a JSON Web Token (JWT) which has introduced by OpenID Connect. OAuth does not communicate the identity information of the end user. Due to this OpenID uses ID Token to communicate the end user information. You can read more on ID Token in [1]. Let see how we can get the ID … Continue reading ID Token in OpenID in WSO2 Identity Server 5.1.0