How To read all claims from user #9947
-
What is the improvement or update you wish to see?Explanation around getting the User Claims from the session. Is there any context that might help us understand?I am currently working with Zitadel. While reading the https://authjs.dev/reference/nextjs docs multiple times, I couldn't find how to read the Zitadel Claims. I did the following: import NextAuth, { NextAuthConfig } from 'next-auth';
import Zitadel from 'next-auth/providers/zitadel';
const zitadelScopes = [
'openid',
'email',
'profile',
'address',
'urn:zitadel:iam:org:project:id:zitadel:aud',
'urn:zitadel:iam:user:resourceowner:org',
'urn:zitadel:iam:org:projects:roles',
'urn:zitadel:iam:user:metadata',
'urn:zitadel:iam:org:id:000000000000000',
].join(' ');
const config = {
session: { strategy: 'jwt' },
providers: [
Zitadel({
authorization: {
params: {
scope: zitadelScopes,
},
},
userinfo: {
params: {
scope: zitadelScopes,
},
},
profile(profile) {
console.log('profile', profile);
return {
...profile, // NOTICE HERE
id: profile.sub,
name: profile.name,
email: profile.email,
image: profile.picture,
};
},
}),
],
} satisfies NextAuthConfig;
export const { handlers, auth, signIn, signOut } = NextAuth(config);Which I late use in my page import { auth, onSignIn, onSignOut } from '@/auth.ts';
import { Button } from '@monoturborepo/ui/src/components/button';
import type { Metadata } from 'next';
export const metadata = {
title: 'Home',
} satisfies Metadata;
export default async function Page() {
const session = await auth();
console.log(session);
// ...
}When printing the {
"user": {
"name": "Alchemist Ubi",
"email": "[email protected]",
"image": "...."
},
"expires": "2024-03-08T12:54:17.319Z"
}I noticed that all the other They are being printed out correctly when I log the // Zitadel Profile Claims
const profile = {
amr: [ 'password', 'pwd' ],
at_hash: '......',
aud: [
'55555555555551@marketing',
'55555555555552@marketing',
'55555555555553'
],
auth_time: 1707256178,
azp: '55555555555551@marketing',
c_hash: 'z9QdhUasdsnV3F2bhiz0smQqyA',
client_id: '.....@marketing',
email: '[email protected]',
email_verified: true,
exp: 1707354987,
family_name: 'Prieto',
gender: 'male',
given_name: 'Yordis',
iat: 1707311787,
iss: 'https://....zitadel.cloud',
locale: 'en',
name: 'Alchemist Ubi',
nickname: 'ubi',
picture: 'https://.....zitadel.cloud/assets/v1/....',
preferred_username: '[email protected]',
sub: '000000000000000',
updated_at: 1707307972,
"urn:zitadel:iam:org:id": '77777777777777',
"urn:zitadel:iam:user:resourceowner:id": '77777777777777',
"urn:zitadel:iam:user:resourceowner:name": 'My Business',
"urn:zitadel:iam:user:resourceowner:primary_domain": 'mybusiness.zitadel.cloud'
}Does the docs page already exist? Please link to it.No response |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
hi @yordis, to pass the claims to the session, you need to use the I suppose you can do something like this: callbacks: {
jwt({ token, trigger, session, account }) {
token.foo = account.foo // or any fields you want
return token
},
session({ session, token }) {
session.foo = token.foo
return session
}
}, |
Beta Was this translation helpful? Give feedback.
-
|
@ThangHuuVu thank you so much for getting back to me! What is the intent of the |
Beta Was this translation helpful? Give feedback.
-
|
hi @yordis, first of all, the Second of all, and to answer your question - the |
Beta Was this translation helpful? Give feedback.
hi @yordis, to pass the claims to the session, you need to use the
jwtcallback andsessioncallback - see the doc here: https://authjs.dev/guides/basics/callbacks#jwt-callbackI suppose you can do something like this: