mirror of
https://github.com/zitadel/zitadel.git
synced 2025-06-18 01:48:32 +00:00
20e4f1ce57
* deprecated `ctx.v1.userinfo`-field in "pre userinfo creation" trigger in favour of `ctx.v1.claims`. The trigger now behaves the same as "pre access token creation" * added `ctx.v1.claims` to "complement tokens" flow * added `ctx.v1.grants` to "complement tokens" flow * document `ctx.v1.getUser()` in "complement tokens" flow * feat(actions): add getUser() and grant * map user grants * map claims * feat(actions): claims in complement token ctx * docs(actions): add new fields of complement token * docs(actions): additions to complement token * docs(actions): correct field names
60 lines
2.2 KiB
Markdown
60 lines
2.2 KiB
Markdown
---
|
|
title: Complement Token Flow
|
|
---
|
|
|
|
This flow is executed during the creation of tokens and token introspection.
|
|
|
|
## Pre Userinfo creation
|
|
|
|
This trigger is called before userinfo are set in the token or response.
|
|
|
|
### Parameters of Pre Userinfo creation
|
|
|
|
- `ctx`
|
|
The first parameter contains the following fields:
|
|
- `v1`
|
|
- `claims` [*Claims*](./objects#claims)
|
|
- `getUser()` [*User*](./objects#user)
|
|
- `user`
|
|
- `getMetadata()` [*metadataResult*](./objects#metadata-result)
|
|
- `grants` [*UserGrantList*](./objects#user-grant-list)
|
|
- `api`
|
|
The second parameter contains the following fields:
|
|
- `v1`
|
|
- `userinfo`
|
|
This function is deprecated, please use `api.v1.claims`
|
|
- `setClaim(string, Any)`
|
|
Sets any value if the key is not already present. If it's already present there is a message added to `urn:zitadel:iam:action:${action.name}:log`
|
|
- `claims`
|
|
- `setClaim(string, Any)`
|
|
Sets any value if the key is not already present. If it's already present there is a message added to `urn:zitadel:iam:action:${action.name}:log`
|
|
- `user`
|
|
- `setMetadata(string, Any)`
|
|
Key of the metadata and any value
|
|
|
|
## Pre access token creation
|
|
|
|
This trigger is called before the claims are set in the access token and the token type is `jwt`.
|
|
|
|
### Parameters of Pre access token creation
|
|
|
|
- `ctx`
|
|
The first parameter contains the following fields:
|
|
- `v1`
|
|
- `claims` [*Claims*](./objects#claims)
|
|
- `getUser()` [*User*](./objects#user)
|
|
- `user`
|
|
- `getMetadata()` [*metadataResult*](./objects#metadata-result)
|
|
- `grants` [*UserGrantList*](./objects#user-grant-list)
|
|
- `api`
|
|
The second parameter contains the following fields:
|
|
- `v1`
|
|
- `claims`
|
|
- `setClaim(string, Any)`
|
|
Sets any value if the key is not already present. If it's already present there is a message added to `urn:zitadel:iam:action:${action.name}:log`
|
|
- `appendLogIntoClaims(string)`
|
|
Appends the entry into the claim `urn:zitadel:action:{action.name}:log` the value of the claim is an Array of *string*
|
|
- `user`
|
|
- `setMetadata(string, Any)`
|
|
Key of the metadata and any value
|