@ -33,7 +33,7 @@ The JWT token must hold following properties in the payload.
* `role` - role identifier (`student`, `supervisor`, ...), needed for the registration, have no effect on authentication (optional)
* `role` - role identifier (`student`, `supervisor`, ...), needed for the registration, have no effect on authentication (optional)
* `instanceId` - ID of an instance where the user should be registered if missing (optional)
* `instanceId` - ID of an instance where the user should be registered if missing (optional)
Actually, the token is loaded into [UserData](https://github.com/ReCodEx/api/blob/master/app/helpers/ExternalLogin/UserData.php) structure. For more details, se its declared properties for other optional JWT items.
Actually, the token is loaded into [UserData](https://github.com/ReCodEx/api/blob/master/app/helpers/ExternalLogin/UserData.php) structure. For more details, see its declared properties.
The token must be signed using a secret string that is shared between ReCodEx and external authentication service. Core-api holds this string in `jwtSecret` property of the authenticator configuration.
The token must be signed using a secret string that is shared between ReCodEx and external authentication service. Core-api holds this string in `jwtSecret` property of the authenticator configuration.