AuthenticatedUser
AuthenticatedUser
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
Human user. Set on req.user (NestJS) after a user access token validates.
Properties
appCode?
optionalappCode?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
appId?
optionalappId?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
App scoping (AUDIT 8.3).
authProvider?
optionalauthProvider?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
displayName?
optionaldisplayName?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
email:
string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
firstName?
optionalfirstName?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
id
id:
string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
User id (from uid JWT claim / id /me payload).
impersonatorEmail?
optionalimpersonatorEmail?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
impersonatorUserId?
optionalimpersonatorUserId?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
Impersonation stamps (AUDIT C7). Present when the token was minted by an admin acting as this user; the SDK can branch on this to surface a “you are impersonating” indicator.
jti?
optionaljti?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
JWT ID — used for per-request revocation checks when enabled.
kind
kind:
"user"
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
lastName?
optionallastName?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
orgId?
optionalorgId?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
Org context — present when the token was minted with an org scope.
orgName?
optionalorgName?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
orgSlug?
optionalorgSlug?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
permissions
permissions:
string[]
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
Permission codes (resource:action format, e.g. releases:create).
roles
roles:
string[]
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts
Role codes (e.g. system_admin, org_admin, seller).
sessionId?
optionalsessionId?:string
Defined in: @rw3iss/auth-shared/src/jwt/principals.ts