How can I set or get userDataInJWT/userDataInDatabase for a user session?

[matthiastz]

Hi 👋, when visiting the CDI API doc. I saw getSessionInfo, and I am interested

1. if one of those fields (userDataInJWT/userDataInDatabase) could be expanded with user data (e.g. the email, and more?)
2. also it is unclear to me, what exact Schema these 2 properties follow, the docs just say "should be a JSON object (not a JSON literal nor an array) example: {"test":123}". So, what is {"test":123}? Is this some custom data that somehow as applied to the user that is connected to the sessionHandle? Applying such data is done via createNewSession, right?

Point 1. is especially important to me, since in my authn architecture I would like to minimize roundtrips (API calls) between the CDI and other services, so if there would be a way to GET a sessionInfo & userInfo (email, etc.) in one API call, that would be awesome. Is this somehow possible?

Ty.

[rishabhpoddar]

userDataInJWT is a JSON that's stored in the access token, whereas userDataInDatabase is a JSON stored in the database.

So, what is {"test":123}? Is this some custom data that somehow as applied to the user that is connected to the sessionHandle?

It's a JSON that can contain any key value, as defined by you. This will be associated with that specific session.

Applying such data is done via createNewSession, right?

Yes. You can also use session.mergeIntoAccessTokenPayload (this will modify the userDataInJWT), or session.updateSessionData (this will modify the userDataInDatabase)

The most efficient way to store info from a retrieval point of view would be to store it in the accessTokenPayload (userDataInJWT) since fetching this info can be done via the access token itself and doesn't require any network calls.

Since this isn't a bug, i'm closing this issue.