logto-io
how can i change the claims_supported value
Describe the bug
in my openid-configuration, i can not find exp, aud,
Expected behavior
claims_supported include ['iss', 'exp', 'aud', 'email']
How to reproduce?
self hosted
Environment
Self-hosted (Docker image)
Screenshots
No response
Thanks for raising this. Just to clarify:
-
Logto's ID tokens do include standard claims such as
iss,exp, andaudas expected. -
However, per the OpenID Connect Discovery 1.0 specification, the
claims_supportedfield is RECOMMENDED, and the list it provides is not guaranteed to be exhaustive. Providers may choose not to list every supported claim for privacy or other reasons.
Given this, I would recommend loosening the strict validation on the claims_supported metadata. Instead, itβs more robust to validate the actual ID token received, which will reliably indicate what claims are present in a specific authentication flow.
