Skip to main content

Reading JWT payload claims


Using JWTs is optional and is only required if you want to integrate with another service that relies on JWTs or if you want to integrate with a backend framework that we do not support yet

On the backend#

Method 1) After session verification#

let { verifySession } = require("supertokens-node/recipe/session/framework/express");
app.get("/getJWT", verifySession(), async (req, res) => {
    let session = req.session;
    let role = session.getAccessTokenPayload()["role"];

Method 2) Without session verification#

let Session = require("supertokens-node/recipe/session");
// we first get all the sessionHandles (string[]) for a userlet sessionHandles = Session.getAllSessionHandlesForUser(userId);
// we update all the session's Access Token payloads for this usersessionHandles.forEach(async (handle) => {      let role = (await Session.getSessionInformation(handle)).accessTokenPayload["role"];})

On the frontend#

Step 1: Wrap the component in which you want to get the info with ThirdPartyEmailPasswordAuth#

import { ThirdPartyEmailPasswordAuth } from 'supertokens-auth-react/recipe/thirdpartyemailpassword';
render() {     return (           <ThirdPartyEmailPasswordAuth>                  <Dashboard />           </ThirdPartyEmailPasswordAuth>     );}

Step 2: This is how to use the session context in a component:#

import React from "react";import { useSessionContext } from 'supertokens-auth-react/recipe/session'; 
// Your dashboard componentfunction Dashboard(props) {    let {userId, accessTokenPayload} = useSessionContext();
    let role = accessTokenPayload.role;}