Skip to content

@nogoo9/no-crd / index / hasRequiredRole

Function: hasRequiredRole()

hasRequiredRole(jwtPayload, requiredRole?, jsonPathExpr?): boolean

Defined in: src/k8s/auth.ts:587

Checks if the JWT payload contains the required role. Supports checking standard roles arrays or strings, and always allows admins.

Parameters

jwtPayload

unknown

Decrypted JWT payload dictionary.

requiredRole?

string

The required role string (e.g., "mcp-reader"). If undefined, returns true.

jsonPathExpr?

string = "$.realm_access.roles"

JSONPath expression specifying where the roles claim resides. Defaults to "$.realm_access.roles".

Returns

boolean

true if role is present/valid, false otherwise.