Sign up for Hasura Newsletter

Setup Hasura JWT Parsing

Usually with Firebase Auth and Hasura we can use the standard JWK url as described here.

However, with Firebase Session cookies they need a different format which we'll have to add manually. Hopefully in the future this can improve.

  1. In login.tsx add console.log(cookie) after const cookie = await admin.auth().createSessionCookie(idToken, { expiresIn }); and go through the login process to get the cookie JWT token

  2. Open and paste your JWT in.

  3. In the decoded headers section, note the kid: property. Take the value of that, open, and find the public certificate that matches.

  4. We now build our Hasura JWT secret config

{"type":"RS256", "key": "<Firebase public cert from previous step>", "audience": "<firebase project id>", "issuer": "<firebase project id>", "claims_map": {"x-hasura-allowed-roles": ["user"], "x-hasura-default-role": "user", "x-hasura-user-id": {"path":"$.sub"} }}

By default, we assign a logged-in user the role of user using the claims map feature.

Save this config for an upcoming step.

Did you find this page helpful?
Start with GraphQL on Hasura for Free
  • ArrowBuild apps and APIs 10x faster
  • ArrowBuilt-in authorization and caching
  • Arrow8x more performant than hand-rolled APIs
footer illustration
Brand logo
© 2024 Hasura Inc. All rights reserved