API: Stable

A minimal representation of a security principal.

data class SecurityPrincipal(
    val username: String,
    val role: Role,
    val firstName: String,
    val lastName: String,
    val uid: Long,
    val email: String?,
    val twoFactorAuthentication: Boolean?,
    val principalType: String?,
    val serviceAgreementAccepted: Boolean?,
    val organization: String?,

More information can be gathered from an auth service, using the username as a key.

username: String The unique username of this security principal.

This is usually suitable for display in UIs.

role: Role The role of the security principal
firstName: String The first name of the security principal. Can be empty.
lastName: String The last name of the security principal. Can be empty.
uid: Long A numeric unique identifier for this principal. The username is the preferred unique identifier.
email: String? The email of the user
twoFactorAuthentication: Boolean? A boolean flag indicating if the user has 2FA enabled for their user.

If the token does not contain this information (old tokens generated before field’s introduction) then this will be set to true. This is done to avoid breaking extended tokens. This behavior will should change in a future update.

All new tokens should contain this information explicitly.

principalType: String?
serviceAgreementAccepted: Boolean? A boolean indicating if the service agreement has been accepted
organization: String?