Skip to content
rw3iss Auth

AuthenticatedUser

AuthenticatedUser

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

Human user. Set on req.user (NestJS) after a user access token validates.

Properties

appCode?

optional appCode?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


appId?

optional appId?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

App scoping (AUDIT 8.3).


authProvider?

optional authProvider?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


displayName?

optional displayName?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


email

email: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


firstName?

optional firstName?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


id

id: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

User id (from uid JWT claim / id /me payload).


impersonatorEmail?

optional impersonatorEmail?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


impersonatorUserId?

optional impersonatorUserId?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

Impersonation stamps (AUDIT C7). Present when the token was minted by an admin acting as this user; the SDK can branch on this to surface a “you are impersonating” indicator.


jti?

optional jti?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

JWT ID — used for per-request revocation checks when enabled.


kind

kind: "user"

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


lastName?

optional lastName?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


orgId?

optional orgId?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

Org context — present when the token was minted with an org scope.


orgName?

optional orgName?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


orgSlug?

optional orgSlug?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts


permissions

permissions: string[]

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

Permission codes (resource:action format, e.g. releases:create).


roles

roles: string[]

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts

Role codes (e.g. system_admin, org_admin, seller).


sessionId?

optional sessionId?: string

Defined in: @rw3iss/auth-shared/src/jwt/principals.ts