๐Ÿ‘‹The Enterprise GraphQL Conf is back! Explore the concept of a GraphQL powered Data Mesh
>
๐Ÿ‘‹GraphQL & the Data Mesh at Enterprise GraphQL Confโ€™21
>
logo
learn / graphql / hasura

Rules for Custom JWT Claims

Github logo Edit on GitHub

Custom claims inside the JWT are used to tell Hasura about the role of the caller, so that Hasura may enforce the necessary authorization rules to decide what the caller can and cannot do. In the Auth0 dashboard, navigate to Rules.

Click on the + Create Rule button. In the next screen, select the Empty rule template.

Name the rule as hasura-jwt-claims.

Add the following script to the rule.

function (user, context, callback) {
  const namespace = "https://hasura.io/jwt/claims";
  context.accessToken[namespace] =
    {
      'x-hasura-default-role': 'user',
      // do some custom logic to decide allowed roles
      'x-hasura-allowed-roles': ['user'],
      'x-hasura-user-id': user.user_id
    };
  callback(null, user, context);
}

Custom JWT Claims Rule

Close

Get Started with GraphQL Now

Hasura Cloud gives you a fully managed, production ready GraphQL API as a service to help you build modern apps faster.
Previous
Create Auth0 App
Next
Connect Hasura with Auth0
Ready to get started?
Start for free on Hasura Cloud or you could contact our sales team for a detailed walk-through on how Hasura may benefit your business.
Stay in the know
Sign up for full access to our community highlights, new features, and occasional baby animal gifs! Oh, and we have a strict no-spam rule. โœŒ๏ธ