Skip to content

Document JWT claim requirements for selfhosted OAuth applications#936

Open
ppiegaze wants to merge 1 commit intomike/ext-authz-external-identity-v2from
mike/jwt-claim-requirements-v2
Open

Document JWT claim requirements for selfhosted OAuth applications#936
ppiegaze wants to merge 1 commit intomike/ext-authz-external-identity-v2from
mike/jwt-claim-requirements-v2

Conversation

@ppiegaze
Copy link
Copy Markdown
Collaborator

@ppiegaze ppiegaze commented Apr 22, 2026

Summary

  • Add warning about sub claim being critical for all OAuth apps (including service-to-service, operator, EAGER)
  • Document specific x-user-subject header not found error when sub is missing from client credentials tokens

Stacked on #935. Adapted from mike/jwt-claim-requirements (#890). Most content from the original PR was already incorporated in the Entra ID auth rewrite (#933).

Test plan

  • Warning callout renders correctly in Subject claim requirements section

🤖 Generated with Claude Code

@ppiegaze @claude
Document JWT claim requirements for selfhosted OAuth applications
c92eabf 
Adapted from mike/jwt-claim-requirements: adds warning about sub claim
being critical for all OAuth apps, with specific x-user-subject error
message. Most content from the original PR was already incorporated in
the Entra ID auth rewrite (mike/selfhosted-auth-docs-v2).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@ppiegaze ppiegaze mentioned this pull request Apr 22, 2026
Closed
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented Apr 22, 2026

Deploying docs with  Cloudflare Pages  Cloudflare Pages

Latest commit: c92eabf
Status: ✅  Deploy successful!
Preview URL: https://2f43c20a.docs-dog.pages.dev
Branch Preview URL: https://mike-jwt-claim-requirements-2hsa.docs-dog.pages.dev

View logs

@ppiegaze ppiegaze added self-hosted Self-hosted docs. Do not merge do-not-merge PR is ready for review, but should not be merged just yet labels Apr 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@EngHabu EngHabu Awaiting requested review from EngHabu EngHabu is a code owner

@cosmicBboy cosmicBboy Awaiting requested review from cosmicBboy cosmicBboy is a code owner

@kumare3 kumare3 Awaiting requested review from kumare3 kumare3 is a code owner

@samhita-alla samhita-alla Awaiting requested review from samhita-alla samhita-alla is a code owner

Assignees

No one assigned

Labels

do-not-merge PR is ready for review, but should not be merged just yet self-hosted Self-hosted docs. Do not merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ppiegaze