add clientId into the service client JWTs.

Authress · Mar 5, 2024 · 14e62e6 · 14e62e6
1 parent f790778
commit 14e62e6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,7 @@ This is the changelog for [Authress SDK](readme.md).
 
 ## 2.3 ##
 * Improve support for collectionConfiguration to skip `accessToAllSubResources` check when using `INCLUDE_NESTED` in the query.
+* Add explicit `clientId` into the generate service token JWT.
 
 ## 2.2 ##
 * Fix `Invite` to use the correct `InviteStatement` type for `Invite` statements.

diff --git a/src/serviceClientTokenProvider.js b/src/serviceClientTokenProvider.js
@@ -30,6 +30,7 @@ module.exports = function(accessKey, authressCustomDomain) {
       aud: decodedAccessKey.audience,
       iss: getIssuer(authressCustomDomain || useFallbackAuthressCustomDomain && fallbackAuthressCustomDomain || `${accountId}.api.authress.io`, decodedAccessKey),
       sub: decodedAccessKey.clientId,
+      client_id: decodedAccessKey.clientId,
       iat: now,
       // valid for 24 hours
       exp: now + 60 * 60 * 24,