PAR request fails when the PAR URL domain is different from the IDP/token URL

[Akila94]

Description:
When a different URL is used as the PAR request URL (a different domain) but the identity server resident IDP URL is different from that, the PAR request throws an error telling the audience values does not match.

Currently the aud value sent in the request object is validated with the following URLs in the accelerator code base,

• Token endpoint
• Resident IDP URL
• PAR endpoint (this is built by adding the necessary par endpoint URL parts to the Resident IDP URL)

Hence, when the real PAR request contains a different domain than the above URLs, the PAR request fails.

To avoid this scenario, a configuration should be introduced to configure the PAR request URL. If a URL is defined, when the PAR request is performed, the audience value of the request object will be validated with the configured URL.

Suggested Labels:
Accelerator, OB3

Suggested Assignees:

Affected Product Version:
OB3 IAM accelerator

OS, DB, other environment details and versions:

Steps to reproduce:

Related Issues:
https://github.com/wso2-enterprise/wso2-ob-internal/issues/904

[Akila94]

Closing this since this fix is not required. Refer the issue: #208