IG 2023.6


Provides the cross-domain SSO properties for the CDSSO token, the user ID of the session, and the full claims set. When the CrossDomainSingleSignOnFilter processes a request, it injects the information in this context.


The context is named cdsso, and is accessible at ${contexts.cdsso}. The context has the following properties:

"claimsSet": org.forgerock.json.jose.jwt.JwtClaimsSet

Full JwtClaimsSet for the identity of the authenticated user. Cannot be null.

Access claims as follows:

  • Claims with a getter by using the property name. For example, access getSubject with contexts.cdsso.claimsSet.subject.

  • All other claims by using the getClaim method. For example, access subname with contexts.cdsso.claimsSet.getClaim('subname').

"cookieInfo": org.forgerock.openig.http.CookieBuilder

Configuration data for the CDSSO authentication cookie, with the following attributes:

  • name: Cookie name (string)

  • domain: (Optional) Cookie domain (string)

  • path: Cookie path (string)

No attribute can be null.

"redirectEndpoint": java.lang.String

Redirect endpoint URI configured for communication with AM. Cannot be null.

"sessionUid": java.lang.String

Universal session ID. Cannot be null.

"token": java.lang.String

Value of the CDSSO token. Cannot be null.

Copyright © 2010-2023 ForgeRock, all rights reserved.