Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT returned by Sessions.CreateSessionTokenAsync lacks azp claim #19

Open
jfoshee opened this issue Jan 29, 2025 · 0 comments
Open

JWT returned by Sessions.CreateSessionTokenAsync lacks azp claim #19

jfoshee opened this issue Jan 29, 2025 · 0 comments

Comments

@jfoshee
Copy link

jfoshee commented Jan 29, 2025

When creating a Session Token using Sessions.CreateSessionTokenAsync, the JWT returned does not have an azp (authorized parties) claim.

This is likely because there is no Origin header associated with the request.

It's desirable for tokens to have the azp claim so that the application's backend can verify tokens in a consistent way.

Would it be possible to provide a way to specify the Origin as part of this request?
Or easily set common headers when constructing the ClerkBackendApi?

At this time, it seems I would need to implement ISpeakeasyHttpClient to accomplish this.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jfoshee