Welcome to the Kinde community.
P
K
A
A
A
Access token with org_name but no org_code.
Hello,
I received an access token in which the org_name is set but not the org_code. This occurred after the organization was deleted. This seems inconsistent, should they not be both set, or none of them ?
Data in thread
Access token
eyJhbGciOiJSUzI1NiIsImtpZCI6IjYwOjczOmE0OjhjOjlmOjY3OjdhOjhjOjQ1OjllOjcyOmZmOjZhOjEyOjNiOjcwIiwidHlwIjoiSldUIn0.eyJhdWQiOltdLCJhenAiOiI5NTgwZmRhYWU5NWM0Y2JkOTVlMTg4ZDdjZTFjOGViOCIsImVtYWlsIjoibm9lLmNoYXJtZXRAYWxsZWdvcmlhLmlvIiwiZXhwIjoxNzI2MjQzMTcxLCJpYXQiOjE3MjYxNTY3NzAsImlzcyI6Imh0dHBzOi8vYWxsZWdvcmlhLWxvY2FsLmV1LmtpbmRlLmNvbSIsImp0aSI6IjY0YWFiNTk2LWZkZGItNGFjNS1hM2E4LTUwYzk2NzkxOTQwZiIsIm9yZ19uYW1lIjoiTG9naW4iLCJwZXJtaXNzaW9ucyI6W10sInNjcCI6WyJvcGVuaWQiLCJwcm9maWxlIiwiZW1haWwiLCJvZmZsaW5lIl0sInN1YiI6ImtwX2U2MDYxOTJkOThmMTRhZjQ5OTMxMmE5MTk3YWFmZmQ3In0.WQ3p6dpdsZ_SKZpX9sY2QbUcaBaDSrxbDTt2AVSDz5kWlc5UqZCCqEhoZJE4lOwRDRBFYVZySSaTE9Xre-t5w0b7ijxg8clGMUOZQ5-zUsutMunLQBemIGbSBvlTQVDuRn8PWPJC5Mg-zPTKsYOsTkJ5Iw1nTXMopom0NzdWNQVFCZSOl_mEgOyA0-nzEHAw_D77WNB8sQNQPIUgmuowH25k6WDsI1x08myA-wqrMm9Mw647fkfTzEkw0QGOg-xQY3brTFvv50y9vG7phYnH3wS9FTIlbuqQYSao43wCvdWdZ_4xjOk3AjzuKpbAZKACDW--Tsog_s119o-6ZBYf0g
Here we can see that there is an org_name claim with value Login. This was a test organization deleted. The token was fetched by refresh.
{
"aud": [],
"azp": "9580fdaae95c4cbd95e188d7ce1c8eb8",
"email": "noe.charmet@allegoria.io",
"exp": 1726243171,
"iat": 1726156770,
"iss": "<a target="_blank" rel="noopener noreferrer" href="https://allegoria-local.eu.kinde.com">https://allegoria-local.eu.kinde.com</a>",
"jti": "64aab596-fddb-4ac5-a3a8-50c96791940f",
"org_name": "Login",
"permissions": [],
"scp": [
"openid",
"profile",
"email",
"offline"
],
"sub": "kp_e606192d98f14af499312a9197aaffd7"
}Thanks, so you are using our JS SDK. The team is looking into it as it seems the cache needs to be invalidated
Indeed, I’m using
https://github.com/kinde-oss/kinde-auth-react
But it’s really a thin wrapper around the JS SDK from the looks. So I guess token related issues would be there.
For more details calling the login function did not seem to be sufficient for a proper reresh. There is no mechanism in the SDK permitting to force a full refresh otherwise.
sorry for the delay. A fix went out today that so that org_name isn’t shown when the user doesn’t have access to the org - either from the org being deleted or the user getting disassociated with the org.
Able to let us know if you see this again?