# help

Alex Tuca

10/25/2022, 2:27 PM
Hi, everybody! I am trying to implement @cerbos/grpc in my Express.js server using auxData to pass the JWT, but every way I check I still need to pass the principal data since I get the principal ID not having at least 1 rune otherwise. Am I interpreting the AuxData section from the documentation wrong that I could pass the JWT directly and not have to decode the token beforehand or do I need to use a specific syntax?

Charith (Cerbos)

10/25/2022, 2:32 PM
Hi. Principal ID is a mandatory field because we use it for audit logging and so on. If your policy rules only ever use the data from the auxData JWT then use a made-up value for the principal ID.