Exchange a valid social JWT for an IBM Security Verify access token.

This API allows IBM Security Verify access token to be generated by sending an access token from a social identity provider. The token must be included in a JWT containing the following claims.
If the access token is not available, a "userinfo" claim may be passed in instead of a token. The signed JWT is proof of valid login. The claims should be similar to the id_token claims.

NameDescriptionOptionalValid Values
platSocial network platform that issed the tokenfalsewechat
subPrincipal subject identifier at the social networkfalseuser unique identifier on the social platform
tokenThe access token issued by the platformfalsevalid access token issued by the social platform
ississuer of the JWT token used to invoke the token exchange APIfalseany uri
typType of the JWT tokenfalseurn:com:ibm:cloudidentity:social
expThe expiration time after which the JWT will not be accepted. Format is seconds since epochtrue1594123601
userinfoA JSON object that contains the user info claims. These are the claims used to search for the user and optionally create. The only required claim is the attribute configured to be the user unique identifier. If this claim is included the "token" claim is ignored.true{"plat": "plat", ..., "userinfo": { "email": "[email protected]"}}
<attribute name>A user claim that will be added to the resulting credential. The attribute name must be configured in the attribute mappings in the identity source.trueThe value to be added to the cred attribute

These are the claims expected when the previous call returned a 400 requesting a missing attribute
NameDescriptionOptionalValid Values
platSocial network platform that issed the tokenfalsewechat
state_idThe state_id returned from the previous requestfalse1231424525
eg: phone_numberShould be the name of the missing attribute returned from the previous call.
Ex: the first call returned a 400 with missingAttrName = phone_number. The Name would be phone number.
falseThe value of the missing attribute, ex: the phone number

Language
URL