OAuth 2 token enrichment
In token exchange use-case, we described a scenario where we exchanged secure opaque token with JWT access token containing sensitive data. MicroPerimeter™ Edge can be configured to inject extra information outside OAuth 2 domain into the access token that can be later consumed by the microservice.
In this scenario client uses JWT access token issued by OAuth 2 authorization server and MicroPerimeter™ Edge extends it with extra user data retrieved from Identity Provider. The extra data can be transformed by the Sidecar into a form suitable for consumption by its microservice.
Below diagram presents access token enrichment process: