How consistent is `aggregateVerifier` field of getUserInfo()?

antonio · October 22, 2023, 7:27am

Hi all,

Our platform utilizes the aggregateVerifier to keep track of the user’s logged in method. From the JWT we can decode for keys like tkey-auth0-email-passwordless-lrc or tkey-google-lrc that allow us to determine the auth method.

We did notice that on mainnet the passwordless key for example is tkey-auth0-email-passwordless-cyan. This sitll works for us as we can use regex on “passwordless” or something to determine this was logged in via email passwordless.

My question is, how reliable are these keys and will a regex method like what we did be consistent enough in the future as well?

vjgee · October 22, 2023, 2:48pm

@antonio Thanks for your recent communication.

Your request has been forwarded to our Dev team and we will get back with further updates.

antonio · October 25, 2023, 4:44am

hey @vjgee. Is there an update here?

shahbaz · October 27, 2023, 2:55am

Hi @antonio

These are reliable as these are our default verifiers that will not change. But to determine the auth method, you can look for the typeOfLogin field from the getUserInfo function.

system · November 10, 2023, 2:55am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.