https://cerbos.dev logo
Title
p

Peter Franzen

03/09/2023, 6:38 PM
Is there a recommended Resource policy condition for determining that a valid JWT was provided? I need to make a policy that doesn't have any Role conditions and only looks at the JWT since the Principals won't have any Roles defined
c

Charith (Cerbos)

03/09/2023, 6:45 PM
If you provide a key set, Cerbos will verify the JWT automatically: https://docs.cerbos.dev/cerbos/latest/configuration/auxdata.html There's no function to do that explicitly though.