I’m thinking about the best way to change the users session object permanently so the changes are also reflected and available in custom services/scripts.
As I didnt find anything in this direction in the Wiki, I assume I would have to hook into user.session.post.post_process
and decode the JWT, then add my fields and rebuild the JWT and sign it with the help of the APP_KEY (?).
The idea behind is to enrich the session info during login with some user-IDs not related to DF. This way they dont have to be fetched everytime in the custom services when making calls towards external REST services which need those IDs rather than the users email. So ultimately, it would save one rather frequent API call.
I know I could utilize DFs “customs” for this but that would also cause an additional DB call, right ?
Is manipulating the JWT directly the best approach or did I miss sth and its much easier?