Not sure what you mean by integrity. The
Not sure what you mean by integrity. The convex server uses the token provided for authentication. The token comes from the clerk API. For SSR, you need to provide the token server-side since there isn't an authenticated ConvexProvider wrapping everything. When you provide the token server-side, it fetches the authenticated results. On the client-side, it has an authenticated provider and the requests from there use that. In both cases, the token is the same and Convex handles the token validation and parsing.
Let's make a support thread to continue talking about how auth works in Convex?
1 Reply
Thanks, I created a support thread: 1234975458987217028
https://discord.com/channels/1019350475847499849/1234975458987217028
I see, that clears up my understanding. When I said "integrity" I was talking about an attacker sending a different token.
Earlier, I was trying to make two different query functions on the client side, one to get the userIdentity.identityToken, and another to select from users. But, I learned that this is a security vulnerability.
So, this sentence cleared up my understanding: For SSR, you need to provide the token server-side since there isn't an authenticated ConvexProvider wrapping everything.