Get org_id in Backend Call

Hey there,

I have a SPA with a Go Backend. In the backend I need to know die user id and the org id. It is a pure b2b setting (no personal accounts alongside org accounts)

I am using GitHub - auth0/go-jwt-middleware: A Middleware for Go Programming Language to check for JWTs on HTTP requests to get the claims.
Based on the claims I get the sub for the user id. So far so good. And because of the claims I know that this request is valid.

But how to get the org id? I know that the org id is in the JWT. But I am not sure, if I want to decode the JWT on my own. Is it secure when I do it after I the claims were verified through the middleware validator?

I have read quite some resources and I am on it for days, but maybe I am missing an important concept here?

Hey @klausbreyer!

It’s common practice to decode/inspect claims from a protected backend - There’s actually a fairly straightforward example of this here.

You will just want to update the customClaimsExample struct (and subsequent methods) to use Org_id:

type CustomClaimsExample struct {
	OrgId       string `json:"org_id"`
	ShouldReject bool   `json:"shouldReject,omitempty"`
1 Like

Thank you so much - this was the missing piece!

1 Like

Awesome, happy to help!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.