BtrzAuth v1.2.0 BtrzAuth.Plug.VerifyAudiences View Source

Looks for and validates that the passed audiences are present in the private data under conn.private.user_aud saved by BtrzAuth.Plug.VerifyToken (the order of the plugs is very important!)

If the audiences are invalid, the pipeline will be halted and the conn.resp_body with:

%{
  "error" => "unauthorized",
  "reason" => "audiences_not_verified"
}

Options:

  • audiences - list of atom audiences to verify. Please use the ones found on BtrzAuth.Audiences.valid_audiences

Example

plug BtrzAuth.Plug.VerifyAudiences, audiences: [:CUSTOMER]

Link to this section Summary

Link to this section Functions