Skip to main content

firebase_admin/auth/id_token/
claims.rs

1//! Claim shapes for Firebase ID tokens.
2
3use serde::{Deserialize, Serialize};
4
5/// The decoded and verified claims of a Firebase ID token.
6///
7/// See <https://firebase.google.com/docs/auth/admin/verify-id-tokens> for the
8/// authoritative claim reference.
9#[derive(Debug, Clone, Serialize, Deserialize)]
10pub struct IdTokenClaims {
11    /// The token issuer, expected to be `https://securetoken.google.com/<project-id>`.
12    pub iss: String,
13    /// The intended audience, expected to equal the Firebase project ID.
14    pub aud: String,
15    /// Issued-at time, in seconds since the Unix epoch.
16    pub iat: i64,
17    /// Expiration time, in seconds since the Unix epoch.
18    pub exp: i64,
19    /// The time the end user authenticated, in seconds since the Unix epoch.
20    pub auth_time: i64,
21    /// The Firebase user id (UID) this token was issued for.
22    pub sub: String,
23    /// The user's email address, if available.
24    pub email: Option<String>,
25    /// Whether the user's email address has been verified.
26    #[serde(default)]
27    pub email_verified: bool,
28    /// Custom claims attached to the user via `set_custom_user_claims`.
29    #[serde(flatten)]
30    pub custom_claims: serde_json::Map<String, serde_json::Value>,
31}