Hello,
I was wondering if anybody knew where verbose_oidc_logging is supposed to show up.
I have Debug level logging for the Vault process, and a file based audit log going, but I haven’t seen the contents of the JWTs that are a hitting the JWT/OIDC Auth method.
Thanks,
It shows up in the Vault log, not the audit log.
Note it is a string true to be set, ie:
verbose_oidc_logging="true" with quotes
In log:
[DEBUG] auth.oidc.auth_oidc_d2011e3c: OIDC provider response: ID token=eyJraWQiOiJtMn…
[DEBUG] auth.oidc.auth_oidc_d2011e3c: OIDC provider response:
claims = {
“amr”: [“pwd”],
“at_hash”: “zS7123…”,
“aud”: “0oa123…”,
“auth_time”: 1585252272,
“exp”: 1585264152,
“iat”: 1585260552,
“idp”: “00o485i8522pY30MZ4x6”,
“iss”: “https://dev-123456.okta.com/oauth2/default”,
“jti”: “ID.9fNzbyztInSzau…”,
“sub”: “00u4…”,
“ver”: 1
}