https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> are these claims correct for google...
# ory-copilot
c
@chilly-king-10285 are these claims correct for google
Copy code
local claims = {
  email_verified: false,
} + std.extVar('claims');

{
  identity: {
    traits: {
      first_name: claims.given_name,
      [if 'email' in claims && claims.email_verified then 'email' else null]: claims.email,
      [if 'family_name' in claims then 'last_name' else null]: claims.family_name,
      [if 'hd' in claims && claims.email_verified then 'hd' else null]: claims.hd,
      [if 'picture' in claims then "picture" else null]: claims.picture,
    },
  },
}
c
A message from kapa.ai
The provided Jsonnet code snippet is mostly correct for Google, but there are a few things to note: 1. The 
email_verified
field is set to 
false
by default. This means that if the 
email_verified
field is not provided in the claims, it will default to 
false
. This is a good practice to ensure that unverified emails are not used. 2. The 
email
field is only set if it exists in the claims and 
email_verified
is 
true
. This is also a good practice to prevent unverified emails from being used. 3. The 
first_name
field is set to the value of 
given_name
in the claims. This is correct if the 
given_name
claim is provided by Google. 4. The 
last_name
field is set to the value of 
family_name
in the claims if it exists. This is correct if the 
family_name
claim is provided by Google. 5. The 
hd
field is only set if it exists in the claims and 
email_verified
is 
true
. The 
hd
claim is the hosted Google Workspace domain of the user and is only used when the user has a Google Workspace account. 6. The 
picture
field is set to the value of 
picture
in the claims if it exists. This is correct if the 
picture
claim is provided by Google. However, it's important to note that you should not save secrets such as API keys, credentials, or personal data directly in Jsonnet code snippets. Jsonnet code snippets used for data mapping aren't stored in an encrypted format in Ory Network. For more information, refer to the [Ory documentation](https://www.ory.sh/docs/kratos/social-signin/google#additional-configuration).
2 Views
Open in Slack
PreviousNext
Powered by