Skip to main content

Caddy User Identity

When the plugin successfully validates a JWT token, the plugin passes the user identity identifier back to the Caddy server.

By default, the identity passed to Caddy is email address. However, it could be changed with set user identity Caddyfile directive.

{
security {
authorization policy mypolicy {
set user identity id
set user identity subject
set user identity email
}
}
}

If email is being set, but a JWT token does not contain an email address, then the plugin uses subject for identity.