ansible / django-ansible-base

Apache License 2.0

jwt_consumer: remove unauthorized permissions #486

Closed BrennanPaciorek closed 1 month ago

BrennanPaciorek commented 2 months ago

Every time a user authenticates with JWT, all user role assignments unlisted in the decrypted JWT are removed from the database.

AAP-25531

BrennanPaciorek commented 1 month ago

I have made more substantial changes since this was approved. @AlanCoding Can you review the changes in this commit in particular?

That commit makes some changes to make sure that we don't add any roles via JWT auth which cannot be removed via JWT auth. It should be the last change to the application code I make before merging this.
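The behaviour discussed in the two comments above can be sketched as a set reconciliation. This is an added example, not code from this PR or from django-ansible-base. The `Assignment` type, the role names and the `JWT_MANAGED_ROLES` allow-list are assumptions made for illustration, as is the choice to leave roles outside that list untouched.

```python
from typing import NamedTuple


class Assignment(NamedTuple):
    role: str    # role name (hypothetical values below)
    target: str  # object the role applies to, e.g. "org:1"


# Assumption: the only roles this consumer may both grant and revoke from claims.
JWT_MANAGED_ROLES = frozenset({"Organization Admin", "Organization Member", "Team Member"})


def reconcile(current, claimed, managed=JWT_MANAGED_ROLES):
    """Return (to_add, to_remove, rejected) for one JWT login.

    Claims outside `managed` are rejected rather than granted, so nothing is
    ever added through the token that a later token could not take away.
    """
    current, claimed = set(current), set(claimed)
    rejected = {a for a in claimed if a.role not in managed}
    wanted = claimed - rejected
    to_add = wanted - current
    # Managed assignments the token no longer lists are revoked.
    to_remove = {a for a in current if a.role in managed and a not in wanted}
    return to_add, to_remove, rejected


def apply_login(current, claimed):
    """Stored assignments after the login has been reconciled."""
    to_add, to_remove, _ = reconcile(current, claimed)
    return (set(current) - to_remove) | to_add


# Constructed sample data: what is stored, and what the verified token lists.
STORED = {
    Assignment("Organization Admin", "org:1"),
    Assignment("Team Member", "team:7"),
    Assignment("Local Auditor", "org:1"),       # not JWT-managed
}
CLAIMED = {
    Assignment("Organization Member", "org:1"),
    Assignment("Team Member", "team:7"),
    Assignment("Platform Superuser", "global"),  # not JWT-managed
}

if __name__ == "__main__":
    add, remove, rejected = reconcile(STORED, CLAIMED)
    print("add:", sorted(add))
    print("remove:", sorted(remove))
    print("rejected:", sorted(rejected))
    print("after login:", sorted(apply_login(STORED, CLAIMED)))
```

A later login whose token lists no roles removes everything an earlier token granted, which is the property a test for this kind of change should pin down.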

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code
