You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
RabbitMQ needs to figure out the username associated to the token so that it can display it in the management ui.
321
-
By default, RabbitMQ will first look for the `sub` claim and if it is not found it uses the `client_id`.
320
+
RabbitMQ The username associated with the token must be available to RabbitMQ so that this username is displayed in the RabbitMQ Management UI.
321
+
By default, RabbitMQ searches for the `sub` claim first, and if it is not found, RabbitMQ uses the `client_id`.
322
322
323
-
Most authorization servers return the user's GUID in the `sub` claim rather than the actual user's username or email address, anything the user can relate to. When the `sub` claim does not carry a *user-friendly username*, you can configure one or several claims to extract the username from the token.
323
+
Most authorization servers return the user's GUID in the `sub` claim instead of the user's username or email address, anything the user can relate to. When the `sub` claim does not carry a *user-friendly username*, you can configure one or several claims to extract the username from the token.
RabbitMQ would first look for the `user_name` claim and if it is not found it looks for `email`. Else it uses its default lookup mechanism which first looks for `sub` and then `client_id`.
333
+
In the example configuration, RabbitMQ searches for the `user_name` claim first and if it is not found, RabbitMQ searches for the `email`. If these are not found, RabbitMQ uses its default lookup mechanism which first looks for `sub` and then `client_id`.
334
334
335
335
### <aid="token-expiration"class="anchor"href="#token-expiration">Token Expiration and Refresh</a>
0 commit comments