When using _auth.isAdmin() the validing is based on the backoffice session instead of JWT auth user. This causes a conflict between app and backoffice.
Ex: Let's assume the logged user in backoffice is of the admin group but the user logged with JWT auth is of the people group. When i use the resource _auth.isAdmin() that will return true instand false (it should be correct). In resume the backoffice session always replace the JWT Auth Claims when using _auth.isAdmin()
When using
_auth.isAdmin()the validing is based on the backoffice session instead of JWT auth user. This causes a conflict between app and backoffice.Ex: Let's assume the logged user in backoffice is of the admin group but the user logged with JWT auth is of the people group. When i use the resource
_auth.isAdmin()that will return true instand false (it should be correct). In resume the backoffice session always replace the JWT Auth Claims when using_auth.isAdmin()