logto icon indicating copy to clipboard operation
logto copied to clipboard
verified publisher icon logto-io

feature request: Augment `IdTokenClaims` in LogToClient configuration in order to include custom data

Open MatteoGauthier opened this issue 1 year ago • 6 comments

What problem did you meet?

I'd like to be able to extend the JWT IdTokenClaims data to include data such as identifiers, etc...

Describe what you'd like Logto to have

With the server side SDK, I think it would be interesting to be able to add properties to the JWT when instantiating the LogToClient class (with @logto/next for example).

  const logtoClient = new LogtoClient({
    appId: env.LOGTO_CLIENT_ID,
    appSecret: env.LOGTO_CLIENT_SECRET,
    endpoint: env.LOGTO_ENDPOINT,
    baseUrl,
    // @todo change
    cookieSecret: env.NEXTAUTH_SECRET,
    cookieSecure: process.env.NODE_ENV === "production",
    scopes: ["openid", "profile", "email"],
	// Will be added to the IdTokenClaims and accesible through .getIdTokenClaims()
	customTokenData: {
		purchasedCourses: ['id1', 'id2]
	}
  })

Voilà ! have a nice day

MatteoGauthier avatar Feb 13 '24 09:02 MatteoGauthier

The team is working on the feature of customize JWT, @darcyYe could you please add some updates when the feature is ready?

wangsijie avatar Feb 19 '24 03:02 wangsijie

Hi @MatteoGauthier , we are working on custom JWT these days. Unfortunately, we will only support access token customization in the release. You can check whether a custom access token can meet your requirements once the feature is released. From your description, it seems that user-level data (purchased courses, in this case) should not be configured globally. Additionally, based on our perspective, this data is intended for API authorization, making it more suitable to be included in the access token.

darcyYe avatar Feb 19 '24 06:02 darcyYe

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Mar 05 '24 01:03 github-actions[bot]

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Mar 21 '24 01:03 github-actions[bot]

Custom JWT feature will be available to Logto Cloud in following weeks, will post update here.

darcyYe avatar Mar 28 '24 02:03 darcyYe

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Apr 12 '24 01:04 github-actions[bot]

Custom JWT is available in OSS v1.15 and on Logto Cloud.

darcyYe avatar Jun 12 '24 06:06 darcyYe