mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
b837efead6
* feat(console,core): remove custom jwt api context dev guard remove custom jwt api context dev guard * fix(console,schemas,phrases): fix custom jwt token request phrases fix custom jwt token request phrases * chore: return denyAccess return denyAccess
16 lines
565 B
Markdown
16 lines
565 B
Markdown
---
|
|
"@logto/console": minor
|
|
"@logto/core": minor
|
|
---
|
|
|
|
add access deny method to the custom token claims script
|
|
|
|
Introduce a new `api` parameter to the custom token claims script. This parameter is used to provide more access control context over the token exchange process.
|
|
Use `api.denyAccess()` to reject the token exchange request. Use this method to implement your own access control logics.
|
|
|
|
```javascript
|
|
const getCustomJwtClaims: async ({ api }) => {
|
|
// Reject the token request, with a custom error message
|
|
return api.denyAccess('Access denied');
|
|
}
|
|
```
|