SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hi everyone, I'm struggling with configuring Supertokens with Hasura claims.

TL;DR: How can I send different claims based on users' roles?

Other than database maintained by Supertokens, I also have my own database with users and roles and my own user-management API to make more flexible track of users' data (user-management API sends requests to supertokens-api when processing authorization stuff). Hasura claims are configured in Supertokens.init() and are same for every user (but I want them to be based on users' roles).

As a workaround, I can decode JWT in user-management API, change Hasura claims and encode new JWT and send it to user. But this seems quite strange, I didn't find any proper way to satisfy my needs.

Any help would be appreciated! 🙂

the place where you add the hasura claims is in the override for `createNewSession`. In that function, you also have access to the userId

From the userId, you can get their roles? And based on that, modify Hasura claims?

Oh I see, that was pretty straightforward. Thanks a lot!