0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00
logto/.changeset/spicy-cameras-sleep.md

17 lines
565 B
Markdown
Raw Normal View History

---
"@logto/console": minor
"@logto/core": minor
---
add access deny method to the custom token claims script
Introduce a new `api` parameter to the custom token claims script. This parameter is used to provide more access control context over the token exchange process.
Use `api.denyAccess()` to reject the token exchange request. Use this method to implement your own access control logics.
```javascript
const getCustomJwtClaims: async ({ api }) => {
// Reject the token request, with a custom error message
return api.denyAccess('Access denied');
}
```