AnsweredAssumed Answered

PPID generated only with iss + resource_owner + salt ?

Question asked by tkudo on Sep 14, 2016
Latest reply on Sep 26, 2016 by Sascha Preibisch

I'd like to know implementation details on generating a PPID for sub value in ID Token. OTK doc states that the value will be created with values of part1, part2 and part3 though, it doesn't clarify what are part1 and part2 while describing part3 is "salt."


Using the OpenID Connect Assertions - CA API Management OAuth Toolkit - 3.5 - CA Technologies Documentation 


It seems that the default values for the former 2 parts are iss and resource_owner respectively, but I don't think it is sufficient to generate PPID as all three values including salt are global i.e. the same sub value is to be provided to all OIDC RP. Please let me know if it is some sort of doc bug or there is some algorithm leveraging client / sectoral identifier behind the documentation.