docs: README.md

kjdev · Mar 25, 2024 · 76bfc04 · 76bfc04
1 parent d231d88
commit 76bfc04
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -95,6 +95,7 @@ location / {
 - [auth\_jwt\_require](#auth_jwt_require)
 - [auth\_jwt\_require\_claim](#auth_jwt_require_claim)
 - [auth\_jwt\_require\_header](#auth_jwt_require_header)
+- [auth\_jwt\_allow\_nested](#auth_jwt_allow_nested)
 
 <a name="auth_jwt"></a>
 ```
@@ -434,6 +435,39 @@ Specifies a requirement for header in jwt token.
 All possibilities of this directive are the same as for
 [auth\_jwt\_require\_claim](#auth_jwt_require_claim) above.
 
+<a name="auth_jwt_allow_nested"></a>
+```
+Syntax: auth_jwt_allow_nested [delimiter=string] [quote=string];
+Default: -
+Context: http
+```
+Allow access to nested claim/heders in jwt token.
+
+The optional `delimiter` parameter sets the nesting delimiter
+(default value is `.`).
+
+The optional `quote` parameter sets the quote character for the key
+(default value is `"`).
+
+> Examples:
+> ```
+> auth_jwt_allow_nested;
+> server {
+>   auth_jwt_require_claim grants.access eq allow;
+>   auth_jwt_require_claim '"grants.key"' eq dot;
+> }
+> ```
+>
+> JWT payload:
+> ```
+> {
+>   "grants": {
+>     "access": "allow"
+>   },
+>   "grants.key": "dot"
+> }
+> ```
+
 ### Embedded Variables
 
 The module supports embedded variables: