JWT payload is empty

krzysztof1 · April 10, 2022, 5:37pm

I’m trying to populate JWT payload with Hasura details using actions login flow

exports.onExecutePostLogin = async (event, api) => {
  const namespace = "https://hasura.io/jwt/claims";
  api.accessToken.setCustomClaim(namespace,
    {
      'x-hasura-default-role': 'user',
      // do some custom logic to decide allowed roles
      'x-hasura-allowed-roles': ['user'],
      'x-hasura-user-id': event.user.user_id
    });
};

I was testing using POST https://<domain>/oauth/token
id token and access token is returned however access token has empty payload
to add more details whatabyte s throwing an error Error in event handler: TypeError: Cannot convert undefined or null to object - where I guess it’s about JWT empty payload

tyf · April 12, 2022, 1:32am

Hi there @krzysztof1!

While I’m not familiar with Hasura, I’d be curious to know if the access token is actually empty or are you referring to the fact that the custom claims weren’t added?

Looking at our examples here, I’m not sure the code you’ve shared will work (it didn’t for me in testing). Typically, each custom claim is added like this:

exports.onExecutePostLogin = async (event, api) => {
   const namespace = 'https://my-app.example.com';
   api.accessToken.setCustomClaim(`${namespace}/a`, claim_a);
   api.accessToken.setCustomClaim(`${namespace}/b`, claim_b);
   api.accessToken.setCustomClaim(`${namespace}/c`, claim_c);
}

Let us know!

krzysztof1 · April 12, 2022, 4:56pm

Hi @tyf,

the issue was that I haven’t set up audience for my JWT so I was receiving JWE.
There was missing payload between JWT headers and signature (like double dots header…signature)

However I will try with setCustomClaim as I haven’t seen that.
Thank you!

tyf · April 12, 2022, 8:49pm

Awesome, thanks for the update - Always happy to help!

tyf · April 27, 2022, 8:50pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.