Docs Pricing Blog Sign In

Policies

JWT Scope Validation Policy

Validates that the JWT token includes specific scopes

Configuration

The configuration shows how to configure the policy in the 'policies.json' document.

{
  "name": "my-jwt-scopes-inbound-policy",
  "policyType": "jwt-scopes-inbound",
  "handler": {
    "export": "JWTScopeValidationInboundPolicy",
    "module": "$import(@zuplo/runtime)",
    "options": {
      "scopes": [
        "read:users",
        "write:projects"
      ]
    }
  }
}

Policy Options

The options for this policy are specified below. All properties are optional unless specifically marked as required.

scopes <string[]> (Required) -
An array of of JWT scopes.

Using the Policy

Read more about how policies work

Previous: Axiomatics Authorization
Next: Access Control List