Hi, this is my use case:
I would like to include the channel_id in the JWT (and change its value as many times a user enter/leave a channel).
Thanks in advance.
Hi there @fernandom welcome to the community!
You won’t be able to modify and re-sign tokens, but you could request new tokens with the new claim - To do this you may want to look into triggering silent authentication as a means to request new tokens for a user that has an existing session. Silent auth will run any Actions you have configured to add the additional/new claim. The only pitfall I see here is rate limiting which could happen rather quickly if many users are switching channels frequently.
You could use a backend to interact with the Management API and update user or app metadata with a channel_id and add that as a custom claim using an Action. Basically you would update the metadata for a user with the new channel_id when necessary, and then trigger silent auth - The new metatadata will be pulled into the resulting tokens as a custom claim.
For example, the node management client provides an updateUserMetadata and updateAppMetadata function - An action to add metadata to tokens might look like:
exports.onExecutePostLogin = async (event, api) => {
const namespace = 'https://my-app.example.com';
if (event.authorization) {
api.idToken.setCustomClaim(`${namespace}/user_metadata`, event.user.user_metadata);
api.idToken.setCustomClaim(`${namespace}/app_metadata`, event.client.metadata);
}
};
Hope this helps at least give you an idea of what’s possible!
Thank you very much for clarifying and such a detailed answer.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.