OAuth 2 token enrichment

In token exchange use-case, we described a scenario where we exchanged secure opaque token with JWT access token containing sensitive data. MicroPerimeterâ„¢ Edge can be configured to inject extra information outside OAuth 2 domain into the access token that can be later consumed by the microservice.

In this scenario client uses JWT access token issued by OAuth 2 authorization server and MicroPerimeterâ„¢ Edge extends it with extra user data retrieved from Identity Provider. The extra data can be transformed by the Sidecar into a form suitable for consumption by its microservice.

Below diagram presents access token enrichment process: token enrichment flow