Intended UAA-specific user identity fields in JWT access token ?
I wonder the rationale for apparenty uaa-specific  user-related fields
in the access token (username, email ) while they are now returned in a
standard maneer in the openidconnect id token.
Is it something that would change in the future ( seemed similar
decoupling) ? Or is it a standard practice that avoids clients to request
the idtoken to get access to basic user identity ?
Thanks in advance,
ps: please let me know if such questions are better suited for a GH issue
on the UAA repo.
Some of these fields are described in the JSON web tokens specification.However, the vendor may add additional fields, or attributes, to the token