You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
authenticate.example.com is the pomerium-authenticate service, we'll open that in the browser to authenticate, it will be set as iss on the jwt
Programmatic access article mentions JWT claims which is confusing, as end users are not supposed to try and inspect the contents of the token received via programmatic access callbacks.
What's the resolution?
tell users the token received via programmatic access callback is an opaque value (even though its called pomerium_jwt) and they should not try to inspect and/or rely on its values.
reference the User Identity page from that page as a recommended method to inspect user identity.
Page: https://www.pomerium.com/docs/capabilities/programmatic-access#callback-handler
What's incorrect or missing
Programmatic access article mentions JWT claims which is confusing, as end users are not supposed to try and inspect the contents of the token received via programmatic access callbacks.
What's the resolution?
pomerium_jwt
) and they should not try to inspect and/or rely on its values.Based on this conversation: https://pomerium-com.slack.com/archives/C01GU5Z1YA1/p1686066555152789
The text was updated successfully, but these errors were encountered: