Closed HemantKMehta closed 3 years ago
Ditto my comment for 127... can't this be a claim added in the interception script?
Closing this ticket as it seems it can be handled via interception script.
I will assign it to Milton once he approves invitation to github org, so he can slowly dive into openbanking.
Open Banking Brasil Financial-grade API Security Profile 1.0 implementers Draft 1: The details about this claim is defined in clause 5.2.2.3 (in the given link) as:
5.2.2.3. Requesting the "cnpj" Claim This profile defines "cnpj" as a new standard claim as per clause 5.1OIDC CNPJ, short for Cadastro Nacional de Pessoas Jurídicas, is an identification number of Brazilian companies issued by the Brazilian Ministry of Revenue, in Portuguese "Secretaria da Receita Federal" or "Ministério da Fazenda". In the Brasil Open Banking identity model, individuals can associated with 0 or more CNPJs. A CNPJ is a string consisting of numbers that is 14 digits long and may start with a 0, the first eight digits identify the company, the four digits after the slash identify the branch or subsidiary ("0001" defaults to the headquarters), and the last two are checksum digits. For this profile, the cnpj claim must be requested and supplied as the 14 digit number.
If the cnpj Claim is requested as an Essential Claim for the ID Token or UserInfo response with a values parameter requesting a specific cnpj value, the Authorization Server MUST return a cnpj Claim Value that contains a set of CNPJs one of which must match the requested value. If this is an Essential Claim and the requirement cannot be met, then the Authorization Server MUST treat that outcome as a failed authentication attempt.
Name: cnpj, Type: Array of Strings, Array Element Regex: 'd{14}$'