I have a question though. How to know which user is accessing the API from the JWT token? I can see there is a field named "username" in the JWT body. Should I rely on that to map the authenticated user to the DB I have? Also how can I support roles and granted authorities?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks for this. Much appreciated.
I have a question though. How to know which user is accessing the API from the JWT token? I can see there is a field named "username" in the JWT body. Should I rely on that to map the authenticated user to the DB I have? Also how can I support roles and granted authorities?