Enduser Attributes

This document defines attributes for operations with an authenticated and/or authorized enduser.

enduser.idstringUsername or client_id extracted from the access token or Authorization header in the inbound request from outside the system.usernameExperimental
enduser.rolestringActual/assumed role the client is making the request under extracted from token or application security context.adminExperimental
enduser.scopestringScopes or granted authorities the client currently possesses extracted from token or application security context. The value would come from the scope associated with an OAuth 2.0 Access Token or an attribute value in a SAML 2.0 Assertion.read:message, write:filesExperimental