During the lifecycle of a request you will be able to access the data you have configured to be stored in the JWT by accessing req.user. The user object is automatically appeneded to the request for you.

Definining Token Data

You can specify what data gets encoded to the Cookie/JWT-Token by setting saveToJWT property on fields within your auth collection.

1import type { CollectionConfig } from 'payload'
2
3export const Users: CollectionConfig = {
slug: 'users',
auth: true,
fields: [
  {
    // will be stored in the JWT
    saveToJWT: true,
    type: 'select',
    name: 'role',
    options: [
      'super-admin',
      'user',
    ]
  },
  {
    // the entire object will be stored in the JWT
    // tab fields can do the same thing!
    saveToJWT: true,
    type: 'group',
    name: 'group1',
    fields: [
      {
        type: 'text',
        name: 'includeField',
      },
      {
        // will be omitted from the JWT
        saveToJWT: false,
        type: 'text',
        name: 'omitField',
      },
    ]
  },
  {
    type: 'group',
    name: 'group2',
    fields: [
      {
        // will be stored in the JWT
        // but stored at the top level
        saveToJWT: true,
        type: 'text',
        name: 'includeField',
      },
      {
        type: 'text',
        name: 'omitField',
      },
    ]
  },
]
54}

Using Token Data

This is especially helpful when writing Hooks and Access Control that depend on user defined fields.

1import type { CollectionConfig } from 'payload'
2
3export const Invoices: CollectionConfig = {
slug: 'invoices',
access: {
  read: ({ req, data }) => {
    if (!req?.user) return false
    if ({ req.user?.role === 'super-admin'}) {
      return true
    }
    return data.owner === req.user.id
  }
}
fields: [
  {
    name: 'owner',
    relationTo: 'users'
  },
  // ... other fields
],
21}

Deploy your entire stack in one place with Payload Cloud.

Microsoft chose Payload to tell the world about AI.

Token Data

Definining Token Data

Using Token Data

Versions

On this page