ForgeRock OpenBanking Reference Implementation is an example of how you can bundle all the micro-services together to create an Open Banking eco-system
The id_token in the hybrid flow redirect url was not verifyable. We need
to resign the token issued by AM so that we can put the correct key id
(kid) into the jwt - the kid needs to match that of the kid in the OB
jwks_uri in order for it to be verifiable. AM assignes UUID keyIds
rather than the SHA1 hash of the certificate as specified by the OB
directory. See OPENAM-10425.
The id_token in the hybrid flow redirect url was not verifyable. We need to resign the token issued by AM so that we can put the correct key id (kid) into the jwt - the kid needs to match that of the kid in the OB jwks_uri in order for it to be verifiable. AM assignes UUID keyIds rather than the SHA1 hash of the certificate as specified by the OB directory. See OPENAM-10425.