diff --git a/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/svc/TokenIssuerImpl.java b/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/svc/TokenIssuerImpl.java index e390403..17cd358 100644 --- a/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/svc/TokenIssuerImpl.java +++ b/ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/svc/TokenIssuerImpl.java @@ -96,7 +96,10 @@ private String issueIdToken(String audience, String nonce, IdTokenJWS federatedI new JWTClaimsSet.Builder() .issuer(issuer.toString()) .audience(audience) - .subject(federatedIdToken.body().sub()) // propagate original `sub` + .subject( + federatedIdToken.body().sub() + + "-" + + federatedIdToken.body().iss()) // in accordance with requirement A_23035 .issueTime(Date.from(now)) .expirationTime(Date.from(now.plus(Duration.ofHours(8))));