go-sdk icon indicating copy to clipboard operation
go-sdk copied to clipboard
Published 1 month ago verified publisher icon modelcontextprotocol

Proposal: add TokenInfo.UserID

Open jba opened this issue 3 months ago • 2 comments

Add a UserID field of type string to auth.TokenInfo. A TokenVerifier may set this field to a non-empty value if it knows how to find the user ID in the token.

If present, the user ID can be used to increase security. See, for example, #586. Instead of calling GetUserID as suggested in that proposal, code would call TokenInfoFromContext and then access the UserID field.

/cc @findleyr

jba avatar Oct 16 '25 20:10 jba

Thanks, this sounds like a better alternative to #586.

findleyr avatar Oct 16 '25 21:10 findleyr

I agree

younaman avatar Oct 28 '25 15:10 younaman