[email protected]
. cbsecurity.validator
. So if the global validator is something other than jwt but your module REQUIRES JWT validation, then just add it in your ModuleConfig.cfc
authorization
header using the bearer token approachcbsecurity.customAuthHeader
rc
variable with the same name as cbsecurity.customAuthHeader
permissions
element or your secure
annotations have context, then we will treat those as the scopes/permissions to check the user/token must have at validation.authorization
header or custom header x-auth-token
or incoming rc[ 'x-auth-token' ]
sub
) claim and try to retrieve the user it representsprc.jwt_token
and the payload in prc.jwt_payload
prc.oCurrentUser
or the variable of your choice via the cbsecurity.prcUserVariable
setting.