Skip to content

feat(auth): add TypeScript types for documented JWT claims fields #1802

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat(auth): add TypeScript types for documented JWT claims fields #1802

wants to merge 1 commit into from
+44 −1

Conversation

@SumitKumar-17
Copy link

@SumitKumar-17 SumitKumar-17 commented Oct 24, 2025
edited
Loading

  • Added type safety for email, phone, user_metadata, app_metadata, is_anonymous, etc.
  • Provides autocomplete and type safety for all documented JWT claims fields
  • getClaims() method now returns properly typed JwtPayload with documented fields

Fixes #1584

🔍 Description

What changed?

Why was this change needed?

Closes #(issue_number)

📸 Screenshots/Examples

🔄 Breaking changes

  • This PR contains no breaking changes

📋 Checklist

  • I have read the Contributing Guidelines
  • My PR title follows the conventional commit format: <type>(<scope>): <description>
  • I have run npx nx format to ensure consistent code formatting
  • I have added tests for new functionality (if applicable)
  • I have updated documentation (if applicable)

📝 Additional notes

@SumitKumar-17
feat(auth): add TypeScript types for documented JWT claims fields
905f6a3 
- Added type safety for email, phone, user_metadata, app_metadata,
is_anonymous, etc.
- Provides autocomplete and type safety for all documented JWT claims
fields
- getClaims() method now returns properly typed JwtPayload with
documented fields

Fixes supabase#1584
@SumitKumar-17 SumitKumar-17 requested review from a team as code owners October 24, 2025 21:06
@mrbjjackson
Copy link

mrbjjackson commented Oct 24, 2025

@SumitKumar-17 I'm not sure if this is the correct place to point this out but I'm just looking at your commit - I see you've added an "id" field. I'm not sure where this would come from. It's not mentioned in the docs as far as I can see - rather the claims object uses the "sub" parameter for the user's uuid.

@coveralls
Copy link

coveralls commented Oct 29, 2025

Coverage Status

coverage: 95.455% (-0.5%) from 95.987%
when pulling 905f6a3 on SumitKumar-17:feat/typescript-jwt-claims
into 46abe0d on supabase:master.

@mandarini mandarini added the auth-js Related to the auth-js library. label Oct 30, 2025
@mandarini mandarini mentioned this pull request Oct 30, 2025
Open
@mandarini
Copy link
Contributor

mandarini commented Nov 4, 2025

Hi @SumitKumar-17 ! Thank you for this PR. I discussed it why my team and we think this PR has a few incorrect claims added (e.g.: id, created_at, updated_at, phone_confirmed_at, etc...). We would recommend you use the following doc as the source of truth for the claims: https://supabase.com/docs/guides/auth/jwt-fields

One caveat here is that a user may use a custom access token hook so there's no guarantee the claims will exist (other than the required ones), so they should all be marked as optional.

Do you think you're able to make these changes? If not, let me know and we can help!

@mandarini mandarini self-assigned this Nov 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mandarini mandarini

Labels

auth-js Related to the auth-js library.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Provide TypeScript types for documented JWT claims fields (email, phone, user_metadata, etc.)

4 participants

@SumitKumar-17 @mrbjjackson @coveralls @mandarini