Closed HemantKMehta closed 3 years ago
I do not think we need to add this as an Auth Server feature. Can't we use the id_token interception script to add this claim?
I have the same opinion. @HemantKMehta please add claim to id_token via interception script.
Closing this ticket. It can be solved via interception script.
I will assign it to Milton once he approves invitation to github org, so he can slowly dive into openbanking.
Open Banking Brasil Financial-grade API Security Profile 1.0 implementers Draft 1: The details about this claim is defined in clause 5.2.2.2 (in the given link) as: Requesting the "cpf" Claim This profile defines "cpf" as a new standard claim as per clause 5.1 OIDC The CPF number (Cadastro de Pessoas Físicas, [sepeˈɛfi]; Portuguese for "Natural Persons Register") is the Brazilian individual taxpayer registry identification. This number is attributed by the Brazilian Federal Revenue to Brazilians and resident aliens who, directly or indirectly, pay taxes in Brazil. In the Brasil Open Banking identity model, the cpf is a string consisting of numbers that is 11 characters long and may start with a 0. If the cpf Claim is requested as an Essential Claim for the ID Token or UserInfo response with a values parameter requesting a specific cpf value, the Authorization Server MUST return a cpf Claim Value that matches the requested value. If this is an Essential Claim and the requirement cannot be met, then the Authorization Server MUST treat that outcome as a failed authentication attempt. Name: cpf, Type: String, Regex: 'd{11}$'