Assertion built and signed — no Auth0 call made.
| ERP user | erp_user_2 |
|---|---|
| Vessel user | vessel_user_a |
| vessel_user_id | auth0|69DCF6A2978FFFF6332F75F0 |
| erp_session | erp-sess-305d0aac-d296-41ec-b2af-e1d28a0ce205 |
{
"iss": "https://erp-dev.vesselman.com",
"aud": "urn:vesselman:token-exchange",
"iat": 1781262182,
"exp": 1781262242,
"jti": "ff1f96d5-e93b-4c72-8ee9-5206f4b2fcb2",
"vessel_user_id": "auth0|69DCF6A2978FFFF6332F75F0",
"erp_user": "erp_user_2",
"erp_session": "erp-sess-305d0aac-d296-41ec-b2af-e1d28a0ce205"
}
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik05cTh6a3FjR19tZW1WMTduczFIU3lyRlVlbndIWFh5emdKaFlOVW56VjQifQ.eyJpc3MiOiJodHRwczovL2VycC1kZXYudmVzc2VsbWFuLmNvbSIsImF1ZCI6InVybjp2ZXNzZWxtYW46dG9rZW4tZXhjaGFuZ2UiLCJpYXQiOjE3ODEyNjIxODIsImV4cCI6MTc4MTI2MjI0MiwianRpIjoiZmYxZjk2ZDUtZTkzYi00YzcyLThlZTktNTIwNmY0YjJmY2IyIiwidmVzc2VsX3VzZXJfaWQiOiJhdXRoMHw2OURDRjZBMjk3OEZGRkY2MzMyRjc1RjAiLCJlcnBfdXNlciI6ImVycF91c2VyXzIiLCJlcnBfc2Vzc2lvbiI6ImVycC1zZXNzLTMwNWQwYWFjLWQyOTYtNDFlYy1iMmFmLWUxZDI4YTBjZTIwNSJ9.WBQHTPyOs5gF4Gau3wxtweg1LZQI-kKQFzk_i-gmVY0ZVezUeFo-nof2XRCyPORjVWNVUSM6X81HXIpP2SuWqJIeYIFff3uSHuRZBFcd4hRkkSUHjZddai6xXdTtjBFuaIvQMzVqRvGPKoeDkpGu_pd90hV5ekI44YAfPEwX6erFpogaPzSmiDFC3zEEArBJQT6OuQiuCLPViajQ7euwR9Y6prFS3ldeywR7P9lIxkatOWHxbW_KnZZcKMHPSzQAoRyF707bVYNuAN9wOqd09Vu44pGuMUBJgBiKOq59_t0dkQyWljo6kT143t1EqddmHG6jkvvSJxa_oKNFodk_oQ
curl -X POST https://marcura-dev.eu.auth0.com/oauth/token \ -d grant_type=urn:ietf:params:oauth:grant-type:token-exchange \ -d subject_token_type=urn:vesselman:erp-assertion \ -d "subject_token=<assertion above>" \ -d client_id=Z5qO6B52BWN1UZ8DIZFvEIBaemoacD1Y \ -d client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer \ -d "client_assertion=<private_key_jwt signed by the BFF key>" \ -d "scope=openid profile email"