I have integrated the Node oidc-provider library into my Node application to create an IdP server. I have the following configuration:
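{
  oidc: {
    clients: [
      {
        // NOTE(review): the empty client_id / client_secret / redirect_uris
        // look like placeholders for the post; presumably the real values are
        // set elsewhere.
        client_id: '',
        client_secret: '',
        // 'implicit' together with the 'id_token' response type enables the
        // implicit flow for this client; tokens are then delivered in the
        // front-channel redirect, so keep it only if a client genuinely needs it.
        grant_types: ['implicit', 'authorization_code', 'refresh_token'],
        redirect_uris: [''],
        response_types: ['code', 'id_token'],
        id_token_signed_response_alg: 'RS256',
        token_endpoint_auth_method: 'client_secret_basic',
      },
    ],
    // Delegates account lookup to Account.findAccount; the object it resolves
    // to must expose accountId and a claims() callback.
    findAccount: (ctx, id) => {
      return Account.findAccount(ctx, id, app);
    },
    // NOTE(review): with conformIdTokenClaims false, claims that would
    // otherwise only be served from userinfo are presumably also placed in
    // the ID Token — confirm against the provider version in use.
    conformIdTokenClaims: false,
    // Advertised acr values. NOTE(review): the acr that ends up in the ID
    // Token is presumably taken from the interaction's login result, not
    // from this list and not from findAccount's claims() — confirm against
    // the oidc-provider docs for the version in use.
    acrValues: ['auth_my_idp'],
    // Scope -> claim mapping. 'username', 'email_verified', 'family_name'
    // and 'given_name' are advertised here but findAccount's claims() only
    // returns sub and email, so they will be absent from tokens/userinfo.
    claims: {
      openid: ['sub', 'username'],
      email: ['email', 'email_verified'],
      profile: ['family_name', 'given_name']
    },
    clientDefaults: {
      grant_types: ['authorization_code', 'refresh_token'],
      id_token_signed_response_alg: 'RS256',
      response_types: ['code', 'id_token'],
      token_endpoint_auth_method: 'client_secret_basic',
    },
    interactions: {
      // Where the provider redirects the user-agent to complete login/consent.
      url(ctx, interaction) {
        return `/token/${interaction.uid}`;
      },
      // NOTE(review): confirm that `proxy` and `forceHTTPS` are read from the
      // `interactions` section by the provider version in use; if they are
      // not, they are silently ignored. If the server sits behind a
      // TLS-terminating proxy, `proxy: false` means the request is not seen
      // as secure, which conflicts with forceHTTPS.
      proxy: false,
      forceHTTPS: true,
    },
    // PKCE is disabled for every client. For the authorization-code flow this
    // removes the defence against authorization-code interception; consider
    // keeping it required at least for public clients.
    pkce: {
      required: () => false,
    },
    features: {
      devInteractions: { enabled: false },
      // Allows the `claims` request parameter on the authorization request.
      claimsParameter: {
        enabled: true,
      },
    },
    adapter: getRedisAdapter(triconf),
    // setting very short time on sessions
    // Every lifetime is 300 seconds; the function forms ignore their
    // arguments and behave exactly like the plain numbers.
    ttl: {
      AccessToken: function AccessTokenTTL() {
        return 300;
      },
      AuthorizationCode: 300, // was missing the trailing comma (syntax error)
      BackchannelAuthenticationRequest: function BackchannelAuthenticationRequestTTL() {
        return 300;
      },
      ClientCredentials: function ClientCredentialsTTL() {
        return 300;
      },
      DeviceCode: 300,
      Grant: 300,
      IdToken: 300,
      Interaction: 300,
      RefreshToken: function RefreshTokenTTL() {
        return 300;
      },
      Session: 300,
    },
  },
};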
The findAccount function looks like:
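/**
 * Resolve the account behind an authorization request for oidc-provider.
 *
 * @param {object} ctx - Request context passed through by oidc-provider (unused here).
 * @param {*} id - Person primary key, used as the account id.
 * @param {object} app - Application object exposing an ORM-style `sql.Person` model
 *   (findOne({ where }) — presumably Sequelize; verify).
 * @returns {Promise<{accountId: *, claims: Function}|undefined>} The account
 *   descriptor oidc-provider expects, or `undefined` when no live person matches,
 *   so the provider treats the id as unknown instead of issuing tokens whose
 *   `sub` and `email` are undefined.
 */
static async findAccount(ctx, id, app) {
  // Only live rows count: a soft-deleted person must not be able to sign in.
  const person = await app.sql.Person.findOne({
    where: { id: id, deleted_at: null },
  });
  // The previous version built the account even when the lookup found nothing,
  // so the `!response` guard never fired; an unknown id must map to no account.
  if (!person) {
    return undefined;
  }
  return {
    accountId: id,
    // NOTE(review): `sub` is the email while `accountId` is the database id;
    // confirm that is intended — a stable, non-reassignable identifier is the
    // usual choice for the subject, since emails can change or be recycled.
    async claims(use, scope) {
      return {
        sub: person.email,
        email: person.email,
      };
    },
  };
}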
I first make a request to the authorize endpoint to obtain an authorization code:
http://localhost:3000/oidc/auth?client_id=oidc_client_id&redirect_uri=http://localhost:8080&state=<state value>&response_type=code&scope=openid%20offline_access%20profile%20email&acr_values=auth_my_idp&nonce=<nonce>&prompt=consent
This successfully returns a code to the provided redirect URI, http://localhost:8080. Then I use Postman to call the http://localhost:3000/oidc/token endpoint to get the id_token, which successfully returns the tokens with the following response:
{
"access_token": "an access token",
"expires_in": 300,
"id_token": "an id token",
"scope": "openid offline_access profile email",
"token_type": "Bearer"
}
When I decode the id_token, I cannot find the acr claim in it.
I tried returning acr explicitly as a claim from the findAccount claims function, but it did not help:
// Per-account claims callback that findAccount hands to oidc-provider;
// `person` is captured from the enclosing findAccount scope.
// NOTE(review): `acr` describes the authentication context of the login, not
// the account, and oidc-provider presumably sources it from the interaction's
// login result rather than from this callback — which would explain why adding
// it here has no effect on the ID Token. Confirm against the provider docs.
async claims(use, scope) {
  const email = person?.email;
  const accountClaims = {
    sub: email,
    email,
    acr: 'auth_my_idp',
  };
  return accountClaims;
},
Which oidc-provider configuration do I need to add so that acr is included as a claim in the id_token?