0
votes

I need to change the iss claim in the ID token for the WSO2 Identity Server (5.7.0). I know how to do this through the management console, but I need to do it through configuration code for a more automated deployment experience. To do this through the management console, go to Identity Providers > Resident > Inbound Authentication Configuration > OAuth2/OpenID Configuration > Identity Provider Entity ID. This is the only editable field in this list.

How do I edit this field through code? Is it the Identity.xml > SSOService > EntityId field? This does not seem to work when I try to edit this field. Does it only work when the database is seeded, or is there a different field I need to change?

1

1 Answer

1
votes

If you need to change the Issuer (EntityId) for OIDC from some CI/CD process, please modify OAuth -> OpenIDConnect -> IDTokenIssuerID in identity.xml before the first server startup. This value will be added to the database during the first server startup, and subsequently the value will be read from the DB (IDP_AUTHENTICATOR_PROPERTY table).

FYI reference [1]

[1] https://github.com/wso2/carbon-identity-framework/blob/master/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java#L2046
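A deployment step that applies the answer's change to identity.xml before the first server start could look like the following. This is an added example, not part of the original answer or WSO2's own tooling; the sample XML, its xmlns value and the issuer URL are constructed assumptions, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample; a real identity.xml holds many more elements.
# The xmlns value is an assumption; the code reads it from whatever root it is given.
SAMPLE_IDENTITY_XML = """<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
  <OAuth>
    <!-- constructed default value -->
    <OpenIDConnect>
      <IDTokenIssuerID>https://localhost:9443/oauth2/token</IDTokenIssuerID>
    </OpenIDConnect>
  </OAuth>
</Server>"""

ISSUER_PATH = ("OAuth", "OpenIDConnect", "IDTokenIssuerID")  # path named in the answer


def check_issuer(issuer):
    """OIDC Core: issuer is an https URL with a host and no query or fragment."""
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.hostname or parts.query or parts.fragment:
        raise ValueError(f"not a valid OIDC issuer identifier: {issuer!r}")


def set_id_token_issuer(xml_text, issuer):
    """Return (patched_xml, previous_value); creates the elements if absent."""
    check_issuer(issuer)
    # Keep comments so the patched file stays reviewable in a diff.
    parser = ET.XMLParser(target=ET.TreeBuilder(insert_comments=True))
    root = ET.fromstring(xml_text, parser=parser)
    ns = root.tag[1:root.tag.index("}")] if root.tag.startswith("{") else ""
    if ns:
        ET.register_namespace("", ns)  # serialize without ns0: prefixes
    node = root
    for name in ISSUER_PATH:
        tag = f"{{{ns}}}{name}" if ns else name
        child = node.find(tag)
        node = child if child is not None else ET.SubElement(node, tag)
    previous, node.text = node.text, issuer
    return ET.tostring(root, encoding="unicode"), previous


if __name__ == "__main__":
    patched, old = set_id_token_issuer(
        SAMPLE_IDENTITY_XML, "https://idp.example.com/oauth2/token")  # hypothetical issuer
    print(f"replaced {old!r}")
    print(patched)
```

Because the value is copied into the database on first startup, running this against an already-started server changes the file but not the issuer the server uses; relying parties that validate the iss claim will still see the old value.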