ContextQMD
Back to Medusa

{metadata.title}

www/apps/resources/app/commerce-modules/user/module-options/page.mdx

2.14.24.3 KB
Original Source

import { Table } from "docs-ui"

export const metadata = { title: User Module Options, }

{metadata.title}

In this guide, you'll learn about the options you can pass to the User Module.

Options Example

ts
module.exports = defineConfig({
  // ...
  modules: [
    {
      resolve: "@medusajs/medusa/user",
      options: {
        jwt_secret: process.env.JWT_SECRET,
        jwt_public_key: process.env.JWT_PUBLIC_KEY,
        valid_duration: 60 * 60 * 24, // 24 hours
        jwt_options: {
          algorithm: process.env.JWT_ALGORITHM || "RS256",
          issuer: process.env.JWT_ISSUER || "medusa",
        },
        jwt_verify_options: {
          algorithms: [process.env.JWT_ALGORITHM || "RS256"],
          issuer: process.env.JWT_ISSUER || "medusa",
        },
      },
    },
  ],
})

Environment Variables

Make sure to add the necessary environment variables for the above options to your .env file:

bash
JWT_SECRET=supersecret
# Optional: For asymmetric key validation
JWT_PUBLIC_KEY=your_public_key_here
JWT_ALGORITHM=RS256
JWT_ISSUER=medusa

All Options

<Table> <Table.Header> <Table.Row> <Table.HeaderCell>Option</Table.HeaderCell> <Table.HeaderCell>Description</Table.HeaderCell> <Table.HeaderCell className="w-[15%]">Required</Table.HeaderCell> <Table.HeaderCell className="w-[15%]">Default</Table.HeaderCell> </Table.Row> </Table.Header> <Table.Body> <Table.Row> <Table.Cell> 
  `jwt_secret`
  
  </Table.Cell>
  <Table.Cell>
  
  A string indicating the secret used to sign the invite tokens.
  
  </Table.Cell>
  <Table.Cell>
  
  Yes
  
  </Table.Cell>
  <Table.Cell>
  
  \-
  
  </Table.Cell>
</Table.Row>
<Table.Row>
  <Table.Cell>
  
  `jwt_public_key`
  
  </Table.Cell>
  <Table.Cell>
  
  A string indicating the public key used to verify JWT tokens when using asymmetric validation. Only used when the JWT secret is a private key for asymmetric signing.

  Learn more in the [Asymmetric Encryption](!docs!/learn/configurations/medusa-config/asymmetric-encryption) guide.
  
  </Table.Cell>
  <Table.Cell>
  
  No
  
  </Table.Cell>
  <Table.Cell>
  
  \-
  
  </Table.Cell>
</Table.Row>
<Table.Row>
  <Table.Cell>
  
  `valid_duration`
  
  </Table.Cell>
  <Table.Cell>
  
  A number indicating the duration in seconds that an invite token is valid. This is used to set the expiration time for invite tokens.
  
  </Table.Cell>
  <Table.Cell>
  
  No
  
  </Table.Cell>
  <Table.Cell>
  
  `86400` seconds (`1` day)
  
  </Table.Cell>
</Table.Row>
<Table.Row>
  <Table.Cell>
  
  `jwt_options`
  
  </Table.Cell>
  <Table.Cell>
  
  An object containing options for signing JWT tokens when using asymmetric signing with a private/public key pair. Accepts any options from [jsonwebtoken's SignOptions](https://github.com/auth0/node-jsonwebtoken#usage), such as `algorithm`. If `expiresIn` is provided here, it will be used as a fallback if `valid_duration` is not set.

  Learn more in the [Asymmetric Encryption](!docs!/learn/configurations/medusa-config/asymmetric-encryption) guide.
  
  </Table.Cell>
  <Table.Cell>
  
  No
  
  </Table.Cell>
  <Table.Cell>
  
  `{}`
  
  </Table.Cell>
</Table.Row>
<Table.Row>
  <Table.Cell>
  
  `jwt_verify_options`
  
  </Table.Cell>
  <Table.Cell>
  
  An object containing options for verifying JWT tokens when using asymmetric validation with a private/public key pair. Accepts any options from [jsonwebtoken's VerifyOptions](https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback), such as `algorithms`. If not provided, the `jwt_options` will be used for verification.

  Learn more in the [Asymmetric Encryption](!docs!/learn/configurations/medusa-config/asymmetric-encryption) guide.
  
  </Table.Cell>
  <Table.Cell>
  
  No
  
  </Table.Cell>
  <Table.Cell>
  
  Value of `jwt_options`
  
  </Table.Cell>
</Table.Row>

</Table.Body>

</Table>