-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Custom claims in access token jwt #1974
Comments
Yeah this should be possible. We obviously would not want to override any claims which are set by Hydra though. Fixing this would mean quite a big breaking change so we would need to think about how to make this backwards compatible. |
I think keeping the existing behaviour would be best (defaults to be being added to e.g.
|
We could probably also just mirror the keys for a transition period:
|
Would you be open to contribute this change @petertriho? |
I'm happy to try if you let me know where I should be looking to make the changes. I've never programmed in Go before so I may need some time. |
Hey @petertriho, I am sure you are quite busy, are you still up for contributing on this? |
Hi @vinckr, |
I was able to achieve the desired behaviour by making the following change. A bit lazy as it doesn't validate much but got the job done. from: |
Thank you for hydra in general and that change specifically! Being in the middle of the migration from a legacy authentication manager towards hydra and being required to remain compatible to various client integrations, the chance to include private/custom claims at the top level eases my life a lot. Is there a due date when this change will be included in a tagged release? |
Is your feature request related to a problem? Please describe.
At the moment trying to add custom claims at the root of the access token but it ends up being under "ext" e.g.
gives
I would like
E.g. in hasura the format for an access token jwt should be
Describe the solution you'd like
Would like the possibility of adding custom claims to the access token jwt.
Describe alternatives you've considered
Current behaviour is ok, I can configure the claims_namespace_path to be
$.ext.hasura
or seems like I should consider using webhooks insteadThe text was updated successfully, but these errors were encountered: