-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT Populate Lambda - Power User Mode #387
Comments
Hello, |
yay, this would help me a LOT. |
I really need this! |
Available in 1.14.0, no configuration necessary, the lambda will now allow you to modify or remove claims with the exception fo |
Is there documentation about this? |
@SebastianCanonaco there will be, haven't updated it yet. But you are correct, to remove a claim in the JWT set it to null in your lambda. |
JWT Populate Lambda - Power User Mode
Problem
The JWT Populate lambda is great, but some claims are reserved and cannot be modified.
Reserved claims are as follows:
applicationId
aud
authenticationType
email
email_verified"
exp
iat
iss
preferred_username
roles
sub
If I want to put something else in the JWT in the
aud
claim I cannot and I get sad. :-(Solution
I would like to enable a power user mode on this lambda to assume all risk to let me do whatever I want!
Reserved claims:
exp
iat
sub
It should be noted that once you remove
applicationId
,roles
oraud
FusionAuth may no longer be able to utilize the token. It will depend upon the workflow, but if you are only intending to use this token with an external service you can do whatever you want.Alternatives/workarounds
You can modify or add new claims, or namespace claims in another object.
Additional context
Uh... reasons?
Related
#409
How to vote
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
The text was updated successfully, but these errors were encountered: