Will the "Sub" claim in Auth0 JWT always be unique?
I just have a quick question Auth0. I looked at everything, but the more I look, the more embarrassed.
In the JWT payload that Auth0 gives me when I log in, there is a Sub requirement similar to this "sub": "facebook | 123456789".
I'm just wondering if sub will always be unique and if I can use it as a kind of foreign key in my database to link users to different tables.
source to share
Sub, short for subject, in this case is the user id for the normalized user profile representing the user in Auth0.
Here facebook | 123456789 is a connection strategy (a social connection like facebook in your example), supplied with a facebook id for the user (which came from facebook). However, keep in mind that when setting up facebook when setting up a connection, you are actually setting up a connection to a specific Facebook app (app id and app secret that you set up in Auth0 for this connection strategy). In short, for a single facebook type connection strategy defined in social connections in Auth0 Dashboard - then yes, it would be unique and could be the correlation identifier of a separate data store with rich information about that user profile, etc.
Just keep in mind if you were to create another separate app defined on Facebook and then set up a new Facebook to Facebook connection and also log in with the same user - they will almost certainly get a different sub since the facebook user will be different. For example, it could be facebook | 987654321 etc.
source to share