remove user data from jwt, add user id into query param

JulienVerbrugge · JulienVerbrugge · commit 7b695ebf4df6 · 2025-04-28T17:38:09.000+02:00
diff --git a/content/extensions/ui-extensions.md b/content/extensions/ui-extensions.md
@@ -227,6 +227,7 @@ To help identify the  **iframe** caller (insecure) and context, several paramete
 For example, when `url` is `https://customerwebsite.com/iframe/`, the called URL is `https://customerwebite.com/iframe/?position=pim.product.tab&user[username]=julia`
 
 For all positions, parameters relative to the connected user and the extension position are sent:
+- `user[id]`
 - `user[username]`
 - `user[email]`
 - `user[ui_locale]`
@@ -372,17 +373,13 @@ The JWT token consists of three main parts: the header, the body (payload), and
   "iat": 1743410036.116152,
   "exp": 1743413636.116162,
   "userId": "1",
-  "userEmail": "user1@example.com",
-  "username": "user1"
 }
 ```
 
 * ```jti``` The unique identifier for the token.
 * ```iat``` The issued at time.
 * ```exp``` The expiration time of the token.
 * ```userId``` The PIM user identifier (in this case, ```1```).
-* ```userEmail``` The PIM user email (in this case, ```user1@example.com```).
-* ```username``` The PIM user name (in this case, ```user1```).
 
 
 *A signature*
