How to Validate Multiple Values of a Custom Claim in a JWT Policy

Julkaisupäivä: Aug 4, 2025

Tehtävä

GOAL

Validate multiple values of a Custom Claim in a JWT Policy

Vaiheet

1. If claims are in the format of arrays as below and want to validate that both values are present

"groups": [
    "group1",
    "group2"
  ]

You can set the custom claim validation

key	Value
groups	#[vars.claimSet.groups == ['group1', 'group2']]

2. If claims can be in either values

"scp": [
   "default"
]

"scp": [
   "openid"
]

You can set the custom claim validation

Key	Value
scp	#[ vars.claimSet.scp == ['default'] or vars.claimSet.scp ==['openid']]

3. If claims should be one or more values of all those contained in the array. For example we want to match all those which contain default or openid or both. All the below examples should be true:

a

"scp": [
   "default",
   "value1",
   "value2"
]

"scp": [
   "value3",
   "openid",
   "value4",
   "value5"
]

"scp": [
   "value6",
   "openid",
   "default",
   "value7"
]

You can set the custom claim validation

Key	Value
scp	#[ %dw 2.0 output application/json import * from dw::core::Arrays --- vars.claimSet.scp some (($ == "default") or ($ == "openid"))]

Disclaimer: This solution provides a suggestion that should be considered in conjunction with your specific use-case and requirements and does not represent a complete solution for all circumstances.

Knowledge-artikkelin numero

001116911

Ratkaisiko tämä artikkeli ongelmasi?

Anna palautetta, jotta voimme kehittyä!

How to Validate Multiple Values of a Custom Claim in a JWT Policy

GOAL

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List