Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00
Code Issues Activity
logto/.changeset/spicy-cameras-sleep.md
simeng-li b837efead6
feat(console,core): remove custom token claims api context dev guard (#6553) 
* feat(console,core): remove custom jwt api context dev guard

remove custom jwt api context dev guard

* fix(console,schemas,phrases): fix custom jwt token request phrases

fix custom jwt token request phrases

* chore: return denyAccess
return denyAccess
2024-09-09 16:57:44 +08:00

565 B
Raw Blame History

@logto/console @logto/core
minor minor

add access deny method to the custom token claims script

Introduce a new api parameter to the custom token claims script. This parameter is used to provide more access control context over the token exchange process. Use api.denyAccess() to reject the token exchange request. Use this method to implement your own access control logics.

const getCustomJwtClaims: async ({ api }) => {
  // Reject the token request, with a custom error message
  return api.denyAccess('Access denied');
}