Skip to content
Vendidit Auth

Interface: DecodedAccessToken

Interface: DecodedAccessToken

Defined in: auth-client/src/core/types.ts:42

Decoded access-token claims. We DO NOT verify the signature on the client — that’s the server’s job. Decoding is purely for UX: showing the user their email, gating UI on roles/permissions, knowing when to preemptively refresh. Trusting these claims for authorization is incorrect; the SDK never does.

Properties

app_code?

optional app_code?: string

Defined in: auth-client/src/core/types.ts:75

app_id?

optional app_id?: string

Defined in: auth-client/src/core/types.ts:74

aud

aud: string | string[]

Defined in: auth-client/src/core/types.ts:50

Audience.

auth_provider?

optional auth_provider?: string

Defined in: auth-client/src/core/types.ts:72

display_name?

optional display_name?: string

Defined in: auth-client/src/core/types.ts:63

email

email: string

Defined in: auth-client/src/core/types.ts:60

exp

exp: number

Defined in: auth-client/src/core/types.ts:54

Expiry (unix seconds).

first_name?

optional first_name?: string

Defined in: auth-client/src/core/types.ts:61

iat

iat: number

Defined in: auth-client/src/core/types.ts:52

Issued-at (unix seconds).

imp_email?

optional imp_email?: string

Defined in: auth-client/src/core/types.ts:78

imp_uid?

optional imp_uid?: string

Defined in: auth-client/src/core/types.ts:77

Impersonation stamps (AUDIT C7 — see auth-server claims.go).

iss

iss: string

Defined in: auth-client/src/core/types.ts:48

Issuer.

jti

jti: string

Defined in: auth-client/src/core/types.ts:46

Token id.

last_name?

optional last_name?: string

Defined in: auth-client/src/core/types.ts:62

nbf?

optional nbf?: number

Defined in: auth-client/src/core/types.ts:56

Not-before (unix seconds).

org_id?

optional org_id?: string

Defined in: auth-client/src/core/types.ts:64

org_name?

optional org_name?: string

Defined in: auth-client/src/core/types.ts:66

org_slug?

optional org_slug?: string

Defined in: auth-client/src/core/types.ts:65

permissions?

optional permissions?: string[]

Defined in: auth-client/src/core/types.ts:68

remember_me?

optional remember_me?: boolean

Defined in: auth-client/src/core/types.ts:71

roles?

optional roles?: string[]

Defined in: auth-client/src/core/types.ts:67

session_id?

optional session_id?: string

Defined in: auth-client/src/core/types.ts:70

sub

sub: string

Defined in: auth-client/src/core/types.ts:44

Subject (user id).

token_type?

optional token_type?: string

Defined in: auth-client/src/core/types.ts:69

tv?

optional tv?: number

Defined in: auth-client/src/core/types.ts:73

uid

uid: string

Defined in: auth-client/src/core/types.ts:59

Mirrors server’s TokenClaims.