docs: fix auth config and rhai examples

- The router config should be `authentication.jwt` rather `authentication.router.jwt` - In Rhai, it is `request[.subgraph].body.extensions`, the examples were missing the `.body` - Fix link to rhai example for forwarding headers
apollographql · Sep 8, 2023 · 46059ee · 46059ee
1 parent b6164b3
commit 46059ee
Showing 1 changed file with 10 additions and 12 deletions.
diff --git a/docs/source/configuration/authn-jwt.mdx b/docs/source/configuration/authn-jwt.mdx
@@ -43,15 +43,14 @@ You enable JWT authentication for your router with the following steps:
 
     ```yaml title="router.yaml"
     authentication:
-      router:
-        jwt:
-          jwks: # This key is required.
+      jwt:
+        jwks: # This key is required.
           - url: https://dev-zzp5enui.us.auth0.com/.well-known/jwks.json
             issuer: <optional name of issuer>
 
-          # These keys are optional. Default values are shown.
-          header_name: Authorization
-          header_value_prefix: Bearer
+        # These keys are optional. Default values are shown.
+        header_name: Authorization
+        header_value_prefix: Bearer
     ```
 
     These options are documented [below](#configuration-options).
@@ -204,7 +203,7 @@ fn process_request(request) {
         status: 401
       };
     }
-    request.subgraph.extensions["claims"] = claims;
+    request.subgraph.body.extensions["claims"] = claims;
 }
 ```
 
@@ -280,10 +279,9 @@ For example, if you use this [router configuration](./overview#yaml-config-file)
 
 ```yaml title="router.yaml"
 authentication:
-  router:
-    jwt:
-      jwks:
-        - url: "file:///etc/router/jwks.json"
+  jwt:
+    jwks:
+      - url: "file:///etc/router/jwks.json"
 
 coprocessor:
   url: http://127.0.0.1:8081
@@ -650,7 +648,7 @@ This matching strategy is necessary because some identity providers (IdPs) don't
 
 ## Forwarding JWTs to subgraphs
 
-Because the Apollo Router handles validating incoming JWTs, you rarely need to pass those JWTs to individual subgraphs in their entirety. Instead, you usually want to [pass JWT _claims_ to subgraphs](#example-forwarding-claims-to-subgraphs) to enable fine-grained access control.
+Because the Apollo Router handles validating incoming JWTs, you rarely need to pass those JWTs to individual subgraphs in their entirety. Instead, you usually want to [pass JWT _claims_ to subgraphs](#example-forwarding-claims-to-subgraphs-as-headers) to enable fine-grained access control.
 
 If you _do_ need to pass entire JWTs to subgraphs, you can do so via the Apollo Router's general-purpose [HTTP header propagation settings](./header-propagation).