Does the CLAIMS-KEY have to be a url?

amaster507 · June 30, 2020, 6:57pm

From the docs: https://graphql.dgraph.io/authorization/

# Dgraph.Authorization HEADER CLAIMS-KEY ALGORITHM KEY

CLAIMS-KEY is the key inside the JWT that contains the claims relevant to Dgraph auth

# Dgraph.Authorization X-My-App-Auth https://my.app.io/jwt/claims HS256 "secretkey"

…expect[s] the JWT to contain custom claims object "https://my.app.io/jwt/claims": { ... } with the claims used in authorization rules.

The example given uses a URL (to a non-existent domain) for the CLAIMS-KEY.

Is there any reason why I should use a URL instead of my own custom variable name such as data or variables? Is there an alternative purpose of using a URL here? If I use my own domain name what if anything should be the endpoint of that URL?

pawan · July 2, 2020, 1:06pm

Hi @amaster507

The custom claims key can be anything. It doesn’t have to be a URL. We don’t check that it is a valid URL. It is usually used to have some distinction between claims belonging to different endpoints. Whatever is specified in the schema would be used to extract the variables.

Topic		Replies	Views
GraphQL authorization using standard claims GraphQL kind:enhancement , status:accepted , ticket:created	14	2159	April 22, 2021
Using JWT claim data outside of an auth rule? GraphQL kind:question	2	660	June 4, 2021
Using Auth0 - Graphql Documentation	5	852	February 23, 2021
Is it possible to read the rest of the data inside JWT GraphQL kind:question	3	821	April 22, 2021
Help with Auth rule for graphql GraphQL kind:question	1	325	March 11, 2021

Does the CLAIMS-KEY have to be a url?

Related topics