FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

JWT augmentation #661

Closed trevorr closed 4 months ago

trevorr commented 4 years ago

Add ability for application to request an augmented JWT

Problem

I would like to put dynamic, application-specific data (such as user permissions) into a FA JWT (so my application does not need to look up permissions on every request).

Solution

The JWT Issue endpoint (or one like it) could allow an application to obtain a new JWT with additional claims based on the original JWT and an API key (for authenticating the app). The application would then replace the user's JWT with the new one.

Alternatives/workarounds

The JWT Populate lambda (https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate) can add to the JWT, but it only has access to information already stored in FA. Specifically, it cannot do anything asynchronous (unless #267 is implemented), like request the current user permissions from my application. I could attempt to push any data I need into registration.data any time it changes, so that JWT Populate can access it, but I worry that could get out of sync in the face of intermittent failures. Even if #267 is implemented, this approach seems simpler, requires less configuration, and offers more flexibility.

Related issues

#267

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
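The `registration.data` workaround described in the issue, as an added example (not code from the issue or from FusionAuth): a JWT Populate lambda that copies application-pushed permissions into the token and stamps the time of the last push, so the API can reject tokens built from out-of-sync data. The field names `permissions` and `permissionsSyncedAt`, the claim names, and the `permissionsAreFresh` helper are assumptions.

```javascript
// Added example: JWT Populate lambda for the registration.data workaround.
// Assumed (not from the issue): the application writes
//   registration.data.permissions         -> array of permission strings
//   registration.data.permissionsSyncedAt -> epoch millis of the last push
var MAX_PERMISSIONS = 64;                   // bound the token size
var PERMISSION_RE = /^[a-z0-9:_.-]{1,64}$/; // constructed naming scheme

function populate(jwt, user, registration) {
  var data = (registration && registration.data) || {};
  var raw = Array.isArray(data.permissions) ? data.permissions : [];

  // Keep only well-formed, de-duplicated permission strings.
  var perms = [];
  for (var i = 0; i < raw.length && perms.length < MAX_PERMISSIONS; i++) {
    var p = raw[i];
    if (typeof p === 'string' && PERMISSION_RE.test(p) &&
        perms.indexOf(p) === -1) {
      perms.push(p);
    }
  }

  // Fail closed: a missing or malformed record yields an empty grant.
  jwt.permissions = perms;

  // Expose the sync time so the API can refuse tokens built from stale data.
  var syncedAt = data.permissionsSyncedAt;
  jwt.permissions_synced_at =
    (typeof syncedAt === 'number' && isFinite(syncedAt)) ? syncedAt : 0;
}

// Resource-server side check (hypothetical helper): trust the claim only if
// the push that produced it is recent enough; otherwise look permissions up.
function permissionsAreFresh(claims, nowMillis, maxAgeMillis) {
  var ts = claims.permissions_synced_at;
  return typeof ts === 'number' && ts > 0 && ts <= nowMillis &&
         (nowMillis - ts) <= maxAgeMillis;
}
```

Permissions still live in the token until it expires, so the freshness window and the JWT lifetime together bound how long a revoked permission stays usable.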

robotdan commented 3 years ago

FusionAuth: We may be able to satisfy this with AJAX support in lambdas via issue #267.

andrewpai commented 4 months ago

Closing, as this was resolved with completion of