I think the server side JWT strategy should try and set up your default payload being the <entity>Id. Currently it does nothing and it's easy to forget to add your own hook to set up the JWT payload. It's also something that you didn't have to do with the previous auth version.
Without the hook your JWT payload is empty, which, when decoded doesn’t populate the entity (because there is no id), which may causes event filters and hooks to not fire, and so on….
It doesn’t error but definitely makes you scratch your head when things don't act as you would expect. So I think it will be super confusing for people.
You would still be able to register your own hooks to modify the payload to your liking but it would default to adding just the entity id.
I think the server side JWT strategy should try and set up your default payload being the
<entity>Id. Currently it does nothing and it's easy to forget to add your own hook to set up the JWT payload. It's also something that you didn't have to do with the previous auth version.Without the hook your JWT payload is empty, which, when decoded doesn’t populate the entity (because there is no id), which may causes event filters and hooks to not fire, and so on….
It doesn’t error but definitely makes you scratch your head when things don't act as you would expect. So I think it will be super confusing for people.
You would still be able to register your own hooks to modify the payload to your liking but it would default to adding just the entity id.