Skip to content

Custom claims in access token jwt #1974

Closed
Closed
Custom claims in access token jwt#1974
Labels
featNew feature or request.
@petertriho

Description

@petertriho
petertriho
opened on Aug 5, 2020

Is your feature request related to a problem? Please describe.

At the moment trying to add custom claims at the root of the access token but it ends up being under "ext" e.g.

hydraAdmin
  .acceptConsentRequest(challenge, {
    session: {
      access_token: {
        foo: 'bar'
      },
    },
  })

gives

{
  "ext": {
    "foo": "bar"
  }
  ...
}

I would like

{
  "foo": "bar"
  ...
}

E.g. in hasura the format for an access token jwt should be

{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true,
  "iat": 1516239022,
  "https://hasura.io/jwt/claims": {
    "x-hasura-allowed-roles": ["editor","user", "mod"],
    "x-hasura-default-role": "user",
    "x-hasura-user-id": "1234567890",
    "x-hasura-org-id": "123",
    "x-hasura-custom": "custom-value"
  }
}

Describe the solution you'd like

Would like the possibility of adding custom claims to the access token jwt.

Describe alternatives you've considered

Current behaviour is ok, I can configure the claims_namespace_path to be $.ext.hasura or seems like I should consider using webhooks instead

Metadata

Metadata

Assignees

No one assigned

    Labels

    featNew feature or request.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions