You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-web-pubsub/concept-client-protocols.md
+8-6Lines changed: 8 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,12 +31,14 @@ Here is a general authorization workflow:
31
31
32
32
You could also configure additional properties for the client connection when generating the access token by specifying special claims inside the JWT token:
33
33
34
-
| Property | Claim type | Claim value | Notes |
35
-
| --- | ---| --- |
36
-
| The `userId` that the client connection belongs to |`sub`| `{userId}`` | It is the [user](./key-concepts.md#terms) this connection belongs to. You could use `SendToUser` to send messages to the connections belonging to this user |
37
-
| The lifetime of the token |`exp`| the expiration time of the token ||
38
-
| The [permissions](#permissions) the client connection initially has |`role`| List of roles as listed in [permissions](#permissions)||
39
-
| The initial groups that the client connection joins once it connects to Azure Web PubSub |`group`| List of groups the client joins initially ||
34
+
| Description | Claim type | Claim value | Notes |
35
+
| --- | ---| --- | -- |
36
+
| The `userId` for the client connection |`sub`| the userId | Only one `sub` claim is allowed |
37
+
| The lifetime of the token |`exp`| the expiration time | The `exp` (expiration time) claim identifies the expiration time on or after which the token MUST NOT be accepted for processing. |
38
+
| The [permissions](#permissions) the client connection initially has |`role`| the role value defined in [permissions](#permissions)| Specify mulitple `role` claims if the client has multiple permissions |
39
+
| The initial groups that the client connection joins once it connects to Azure Web PubSub |`group`|`{groupToJoin}`| Sepcify multiple `group` claims if the client joins multiple groups|
40
+
41
+
You could also add custom claims into the access token, and these values are preserved as the `claims` property in [connect upstream request body](./reference-cloud-events.md#system-connect-event).
40
42
41
43
[Server SDKs](./howto-generate-client-access-url.md#generate-from-service-sdk) provides APIs to generate the access token for the clients.
0 commit comments