Wondering if there is a way to get the Id Token just by passing user Id (instead of the session token) in the Authorisation Grant Flow.
I understand the whole point of auth grant flow is to first authenticate and then use that token to invoke the /authorize and get any tokens (ID Token etc…).
However, I am evaluating a niche use case and just wondering if we can get the ID Token without the SSO Token and just by the user Id?
As you mentioned, by default the client must authenticate to use the /oauth2/idtokeninfo endpoint.
However, this can be disabled in the OAuth 2.0 provider configuration. In the AM admin UI, go to Realms > Realm Name > Services > OAuth2 Provider > Advanced OpenID Connect and disable Idtokeninfo Endpoint Requires Client Authentication.