FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

HTTPConnect timeout behavior should invalidate the JWT issuance. #2707

Open jobannon opened 5 months ago

jobannon commented 5 months ago

Description

When you are augmenting claims within a JWT / AT / RT, you might call out to an external system via HTTPConnect to obtain more information. If this call fails, then the JWT will still be issued, but could be missing the claim information from your HTTPConnect call.

Observed versions

1.48.3

Affects versions

The version, or versions where this bug exists. If you do not know, please leave blank for now.

Steps to reproduce

Steps to reproduce the behavior:

  1. Create a JWT populate lambda
  2. Add a FETCH call to this lambda but make this call time out
  3. Watch as your JWT does not have the data from your HTTPConnect call

Expected behavior

If we are not able to make an external network call (due to a timeout, etc.) then we should have a policy to fail the issuance of a JWT.

Screenshots

If applicable, add screenshots to help explain your problem. Delete this section if it is not applicable.

Platform

(Please complete the following information) dev setup

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

Additional context

Customer reported
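
The failure mode described in this issue, as an added example that is not part of the issue or of FusionAuth's code: a populate-style lambda writes a pessimistic sentinel claim before the external call, and the resource server fails closed on any token whose enrichment did not complete. The claim names (`enrichment`, `entitlements`), the URL, and the injected synchronous `fetch` returning `{ status, body }` are assumptions made so the block runs under Node.

```javascript
// Added example; claim names, URL and the injected fetch are assumptions.
const REQUIRED = ["entitlements"]; // hypothetical claim filled by the external call

// Shaped like a JWT populate lambda. `fetch` is injected and modelled as a
// synchronous call returning { status, body } so the block runs under Node.
function populate(jwt, user, registration, fetch) {
  jwt.enrichment = "failed"; // pessimistic sentinel, overwritten only on success
  try {
    const res = fetch("https://entitlements.example.com/users/" +
                      encodeURIComponent(user.id), { method: "GET" });
    if (res.status !== 200) return;
    const data = JSON.parse(res.body);
    if (!Array.isArray(data.entitlements)) return;
    jwt.entitlements = data.entitlements;
    jwt.enrichment = "ok";
  } catch (e) {
    // Timeout, connection error or malformed body: the sentinel stays "failed".
  }
}

// Resource-server check, run after signature, exp and aud validation.
function checkEnrichment(claims) {
  if (claims.enrichment !== "ok") {
    return { ok: false, reason: "enrichment " + (claims.enrichment || "absent") };
  }
  for (const name of REQUIRED) {
    if (!(name in claims)) return { ok: false, reason: "missing claim " + name };
  }
  return { ok: true, reason: null };
}

// Constructed stand-ins for the external system.
const fetchOk = () => ({ status: 200, body: '{"entitlements":["billing:read"]}' });
const fetch500 = () => ({ status: 500, body: "" });
const fetchTimeout = () => { throw new Error("connect timed out"); };

function issue(fetchImpl) {
  const jwt = { sub: "00000000-0000-0000-0000-000000000001" }; // constructed
  populate(jwt, { id: jwt.sub }, {}, fetchImpl);
  return jwt;
}

for (const [label, f] of [["ok", fetchOk], ["500", fetch500], ["timeout", fetchTimeout]]) {
  console.log(label, JSON.stringify(checkEnrichment(issue(f))));
}
```

A token with no `enrichment` claim at all is rejected the same way, which covers a lambda that never got as far as writing the sentinel.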

mooreds commented 5 months ago

Related: https://github.com/FusionAuth/fusionauth-issues/issues/1318