How to get scope information by token of client-credentials?
I deployed a JAS and two applications (A and B).
A obtained an access token from JAS using client credentials mode, then use this token to access B's resources.
curl --request POST "http://host/oidc/endpoint/jazzop/token" \--header "Content-Type: application/x-www-form-urlencoded" \--data-urlencode "grant_type=client_credentials" \--data-urlencode "client_id=<CLIENT_ID>" \--data-urlencode "client_secret=<PASSWORD>" \--data-urlencode "scope=openid custom_scope"=> {"access_token":"xxxxxxxxxxxxxxxxxxx","token_type":"Bearer","expires_in":7200,"scope":"openid custom_scope"}
For B, can obtain A's client ID from JAS.
curl http://host/oidc/endpoint/jazzop/userinfo --header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxx'
=> {"sub":"<CLIENT_ID>","iss":"https:\/\/host\/oidc\/endpoint\/jazzop"}
How can I get the scope ?
I want to check A's token must have 'custom_scope'.