Hello team,
We are encountering an issue with our Android app that uses the OneLogin OIDC SDK (com.onelogin:onelogin-oidc-android-sdk:1.0.0) to authenticate users via OpenID Connect.
Expected Behavior:
All users should receive an access_token containing the correct issuer (iss) as configured in our OIDC app.
Problem:
One specific user receives an access_token that contains a different or outdated iss (e.g., different_domain_name), despite the app being correctly configured to use same_domain_name/oidc/2.
This causes the getUserInfo() call to fail with the following error:
Error: {"detailMessage":"invalid token provided", ...}
Other users receive the correct issuer and have no issues.
I checked the token's iss in jwt.io.
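An offline equivalent of the jwt.io check mentioned above, added here as an example (not part of the original post and not OneLogin SDK code): it decodes the access token's payload locally and compares `iss` with the configured issuer. The `https://` scheme on the placeholder issuers, the helper names and the sample tokens are constructed assumptions; the signature is not verified, so this is for diagnosis only.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def decode_claims(token: str) -> dict:
    """Return the payload claims WITHOUT verifying the signature (diagnostic use only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT: expected 3 dot-separated segments")
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims

def check_issuer(token: str, expected_issuer: str) -> tuple[bool, str]:
    """Compare the token's iss claim with the configured issuer as exact strings."""
    iss = decode_claims(token).get("iss")
    if not isinstance(iss, str):
        return False, "token has no string iss claim"
    if iss == expected_issuer:
        return True, f"iss matches: {iss}"
    if iss.rstrip("/") == expected_issuer.rstrip("/"):
        return False, f"iss differs only by a trailing slash: {iss!r}"
    return False, f"iss mismatch: token has {iss!r}, expected {expected_issuer!r}"

def make_sample_token(claims: dict) -> str:
    """Build a constructed sample token; the signature segment is a dummy value."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2lnbmF0dXJl"

# Constructed values based on the placeholders in the post (scheme is assumed).
EXPECTED = "https://same_domain_name/oidc/2"
GOOD_TOKEN = make_sample_token({"iss": EXPECTED, "sub": "user-a"})
BAD_TOKEN = make_sample_token({"iss": "https://different_domain_name/oidc/2", "sub": "user-b"})

if __name__ == "__main__":
    for label, token in (("user-a", GOOD_TOKEN), ("user-b", BAD_TOKEN)):
        ok, detail = check_issuer(token, EXPECTED)
        print(f"{label}: {'OK' if ok else 'FAIL'} - {detail}")
```
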