Will the "Sub" claim in an Auth0 JWT always be unique?

Tags: jwt, auth0

I just have a quick Auth0 question. I've looked all over, but the more I look the more confused I get.

In the payload of the JWT that Auth0 gives me when I log in there is a sub claim that looks like this: "sub": "facebook|123456789".

I'm just curious if sub will always be unique and if I can use it as a sort of foreign key in my database to link users to different tables.

Alex asked Apr 15 '17 17:04




1 Answer

The sub, short for subject, in this case is the User Id for the normalised user profile representing the user in Auth0.

Here, facebook|123456789 is the connection strategy (a social connection of type facebook in your example) piped with the Facebook ID for the user (which came from Facebook). However, bear in mind that with Facebook, when you set up a Connection, you are actually setting up a connection to a particular Facebook App (the App ID and App Secret that you configure in Auth0 for that connection strategy). Long story short, for a single connection strategy of type facebook defined under social connections in the Auth0 Dashboard, then yes, this would be unique and could be a correlating identifier to a separate datastore with enriched info about that user profile etc.

Just bear in mind, if you were to create another separate App defined in Facebook, then set up a new Auth0 facebook connection to that Facebook app, and log in with the same user, they would almost certainly receive a different sub since the Facebook userId would be different. For example, it might be facebook|987654321 etc.

arcseldon answered Sep 21 '22 15:09
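As an added example (not from the question or the answer above), the following Python shows how a backend would link Auth0 tokens to local user rows: it keys the row on the pair (iss, sub) rather than on sub alone, because sub is only unique within the issuing tenant, and it never falls back to the bare provider id after the "|". The tenant URL, audience, header and placeholder signature are constructed assumptions; the payload is decoded only after a JWT library has verified the signature and the standard claims.

```python
import base64
import json
from typing import Dict, Tuple

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_payload(token: str) -> dict:
    """Parse the payload of a compact JWT. The signature, iss, aud and exp
    must already have been verified by a JWT library; this only decodes."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def connection_strategy(sub: str) -> str:
    """'facebook|123456789' -> 'facebook' (the Auth0 connection strategy)."""
    strategy, sep, _provider_id = sub.partition("|")
    if not sep or not strategy:
        raise ValueError("sub has no connection prefix")
    return strategy

def user_key(claims: dict) -> Tuple[str, str]:
    """Key for linking a token to a local user row: (issuer, subject).
    sub is unique only within the issuing tenant, so store it with iss and
    never fall back to the bare provider id after the '|' on its own."""
    iss, sub = claims.get("iss"), claims.get("sub")
    if not iss or not sub:
        raise ValueError("token lacks iss or sub")
    return (iss, sub)

def link_user(db: Dict[Tuple[str, str], dict], claims: dict) -> dict:
    """Find or create the local user row for this token's (iss, sub)."""
    key = user_key(claims)
    return db.setdefault(key, {"iss": key[0], "sub": key[1],
                               "strategy": connection_strategy(key[1])})

# Constructed sample tokens (hypothetical tenant, placeholder signature): the same
# Facebook account seen through two Auth0 Facebook connections gets two subs.
_HEADER = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())

def constructed_token(sub: str) -> str:
    payload = {"iss": "https://example-tenant.auth0.com/", "sub": sub, "aud": "my-client-id"}
    return f"{_HEADER}.{_b64url(json.dumps(payload).encode())}.SIGNATURE-PLACEHOLDER"

def demo() -> Dict[Tuple[str, str], dict]:
    db: Dict[Tuple[str, str], dict] = {}
    for sub in ("facebook|123456789", "facebook|987654321", "facebook|123456789"):
        link_user(db, decode_payload(constructed_token(sub)))
    return db  # two rows: the repeated sub maps back to the first row
```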