Assertion built and signed — no Auth0 call made.
| ERP user | erp_user_3 |
|---|---|
| Vessel user | vessel_user_b |
| vessel_user_id | AUTH0|6A21582266777B8516430BC2 |
| erp_session | erp-sess-f968955e-d139-4c1c-89d3-03e804a2e84c |
{
"iss": "https://erp-dev.vesselman.com",
"aud": "urn:vesselman:token-exchange",
"iat": 1781261898,
"exp": 1781261958,
"jti": "78638762-3eca-4656-a6dc-aad8777414b3",
"vessel_user_id": "AUTH0|6A21582266777B8516430BC2",
"erp_user": "erp_user_3",
"erp_session": "erp-sess-f968955e-d139-4c1c-89d3-03e804a2e84c"
}
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik05cTh6a3FjR19tZW1WMTduczFIU3lyRlVlbndIWFh5emdKaFlOVW56VjQifQ.eyJpc3MiOiJodHRwczovL2VycC1kZXYudmVzc2VsbWFuLmNvbSIsImF1ZCI6InVybjp2ZXNzZWxtYW46dG9rZW4tZXhjaGFuZ2UiLCJpYXQiOjE3ODEyNjE4OTgsImV4cCI6MTc4MTI2MTk1OCwianRpIjoiNzg2Mzg3NjItM2VjYS00NjU2LWE2ZGMtYWFkODc3NzQxNGIzIiwidmVzc2VsX3VzZXJfaWQiOiJBVVRIMHw2QTIxNTgyMjY2Nzc3Qjg1MTY0MzBCQzIiLCJlcnBfdXNlciI6ImVycF91c2VyXzMiLCJlcnBfc2Vzc2lvbiI6ImVycC1zZXNzLWY5Njg5NTVlLWQxMzktNGMxYy04OWQzLTAzZTgwNGEyZTg0YyJ9.kgSAWaLYqKmTvpcgbJSJby2qz-NvDEQPfemKcKs5Md3M9tvna5J34rl2LcrhleWpMdozGWM6k7-I--t_AhF4wKcbVyxqH2AeDXnTLyqM7SGmFBKSuwsttwuXyRyt9uxRmWch60agTmL_Oe0ruBduoZy-D0KUElQbLcIsqJc86dXPxtwiaLuJzno4l5ZHxqAr22NK11I1z6SFV0zUYHMXFJS6_GXqZkC7LjLzHhUSePCirDv9838h8GRe4i8bjFjKkbXdcWdH-CG2iApd6Ys3Z1_O4zxgXlb8HJ7mBhe3bVVGlNBi3iTzFBIlYNRkJ1yDYg93UaNemDEByrMWwyiszA
curl -X POST https://marcura-dev.eu.auth0.com/oauth/token \ -d grant_type=urn:ietf:params:oauth:grant-type:token-exchange \ -d subject_token_type=urn:vesselman:erp-assertion \ -d "subject_token=<assertion above>" \ -d client_id=Z5qO6B52BWN1UZ8DIZFvEIBaemoacD1Y \ -d client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer \ -d "client_assertion=<private_key_jwt signed by the BFF key>" \ -d "scope=openid profile email"