Bug ID 1145989: ID token sub-session variables are not populated

Last Modified: Dec 18, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6

Fixed In:
17.1.2, 16.1.5

Opened: Sep 05, 2022

Severity: 3-Major

Symptoms

When refresh token is used, ID token sub-session variables are not populated.

Impact

The sub-session variables related to the ID token are not populated when APM per-request policy uses a refresh token to request a new access token and ID token.

Conditions

- Configured APM as OAuth Client in per-request policy. - OIDC is enabled. - After token expires and refresh token is used to fetch new token (grant_type=refresh_token).

Workaround

None

Fix Information

The sub-sessions of ID token populated in refresh token use-case.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips