Can I use the "sub" from a claim to store as the unique user id in the database?

neha.pandey · March 4, 2021, 12:49pm

Hi,

I am creating an SPA(Angular 10) that would get the access token from OKTA using Okat-Auth-JS, as we want to use Material login form.

We then want to save the user data received after logging into the database.
We’re using Couchbase and we need a unique identifier to be used to create the document key stored in the db.

My question is, would it be a good practice to use the “sub” from the claims to achieve this, or is it good practice to store the value of “sub” in the database.

Request you to please help me out with it.

Fuzzard · March 5, 2021, 6:32pm

the ID token sub claim is hard-coded to always contain the okta user id and it can safely be used for storing a list of ids tied to each user accessing the Angular app

neha.pandey · March 6, 2021, 2:44pm

@Fuzzard ,

Thank you for responding.

Just to double check that I’m getting it right, storing the “sub” in DB and using it as the userId throughout the application(SPA, multiple microservices) is acceptable and is not a security hazard?

Post		Replies	Views
Maping custom data to user authenticated by okta Questions	4	3443	June 17, 2020
Trying to get a unique ID for authenticated users OAuth/OIDC nodejs , reactjs	4	12926	February 15, 2018
Token error - 400 sub system claim cant be evaluated OAuth/OIDC api	8	8015	July 27, 2021
Can I trust the access token sub claim for identifying user? Questions	6	13518	February 4, 2022
How may I access the value of the`sub` claim in the ID Token from admin portal? Questions	2	5518	July 15, 2019

Can I use the "sub" from a claim to store as the unique user id in the database?

Related topics