Loading

How to Validate Multiple Values of a Custom Claim in a JWT Policy

Fecha de publicación: Aug 4, 2025
Tarea

GOAL

Validate multiple values of a Custom Claim in a JWT Policy
Pasos
1. If claims are in the format of arrays as below and want to validate that both values are present 
"groups": [
    "group1",
    "group2"
  ]
You can set the custom claim validation
keyValue
groups#[vars.claimSet.groups == ['group1', 'group2']]

2. If claims can be in either values 
"scp": [
   "default"
]
or 
"scp": [
   "openid"
]
You can set the custom claim validation
KeyValue
scp#[ vars.claimSet.scp == ['default'] or vars.claimSet.scp ==['openid']]


3. If claims should be one or more values of all those contained in the array. For example we want to match all those which contain default or openid or both. All the below examples should be true:

a 
"scp": [
   "default",
   "value1",
   "value2"
]
b 
"scp": [
   "value3",
   "openid",
   "value4",
   "value5"
]

c 
"scp": [
   "value6",
   "openid",
   "default",
   "value7"
]
You can set the custom claim validation
KeyValue
scp#[ %dw 2.0     output application/json     import * from dw::core::Arrays     ---     vars.claimSet.scp some (($ == "default") or ($ == "openid"))]


Disclaimer: This solution provides a suggestion that should be considered in conjunction with your specific use-case and requirements and does not represent a complete solution for all circumstances.
 
Número del artículo de conocimiento

001116911

 
Cargando
Salesforce Help | Article