adam•10mo ago

Custom claims in JWTs

I'm using Convex custom auth to connect a AWS Cognito user pool. I've successfully got it working, though I'm unable to access my custom JWT claims in Convex. I'm using custom claims for role based access. The JWT contains claims such as:

{
  "sub": "some-value",
  "cognito:groups": [
    "admin"
  ],
  ...
}

{
  "sub": "some-value",
  "cognito:groups": [
    "admin"
  ],
  ...
}

I found in the docs it states "Note that Convex currently only supports passing through a list of fields which are part of the OpenId standard." My question is, will there be support for custom claims in the future and is there any workaround in the mean time? I would expect having such an ability would open up Convex support for many enterprise companies that are heavily invested in the AWS ecosystem.

3 Replies

Michal Srb•10mo ago

We don't have a timeline for enabling this yet. For now we suggest cramming the information into one of the existing fields. You can even serialize bunch of data into a JSON string and put it on one of the OpenID fields.

adamOP•10mo ago

Ok, thanks Michal

Michal Srb•7mo ago

Custom claims are now supported with convex@1.14.0

Custom claims in JWTs

Did you find this page helpful?