reapit / foundations

Foundations platform mono repo

oauth2/userInfo endpoint response missing properties #10928

Open thomas-williams-mab opened 5 months ago

thomas-williams-mab commented 5 months ago

I'm passing an Authorization Bearer token to a BE application, that I will be calling from a Reapit FE app.

I need to obtain information found in the Identity Token, in order to verify that the user invoking the endpoint is authorized to perform the action (i.e. is a vendor tied to the same Customer Id as the logged-in negotiator).

The https://connect.reapit.cloud/oauth2/userInfo endpoint returns a response which does not contain information in the identity token received from the useReapitConnection hook.

The full identity token contains properties corresponding to negotiator id (custom:reapit:userCode) and customer id (custom:reapit:clientCode).

Whereas the response from https://connect.reapit.cloud/oauth2/userInfo in its entirety is:

```json
{
    "sub": "15e512b0-a46a-441a-bd4b-6d025405d445",
    "email_verified": "True",
    "name": "Frank Manning",
    "email": "callum.ross@mab.org.uk",
    "username": "15e512b0-a46a-441a-bd4b-6d025405d445"
}
```

Is this potentially a misconfiguration issue?

If not, would it be possible to determine negotiatorId and customerId given that uuid username value?

Cheers :)

HollyJoyPhillips commented 3 months ago

Hi @thomas-williams-mab, it's not a misconfiguration, just not something we can currently provide, as the userinfo data is provided by Cognito. However, it's certainly something we are looking at enhancing going forward. I'll move this ticket into our Mid Term backlog and we will revisit as we progress development with Reapit Connect.

github-actions[bot] commented 3 months ago

This issue has been updated and moved to our ‘Mid Term’ column (typically completed within 5 - 8 months). We will assess the effort required and may outline a technical specification. When we're ready to schedule the issue, it will be moved to the ‘Near Term’ column. For more information on our processes, please click here