Session token does not contain sub claim

Technical Q&A

Topic summary

A developer is unable to retrieve the “sub” claim (customer ID) from session tokens when building a Customer Account UI Extension, despite following official documentation.

Configuration attempted:

  • Added read_customers scope to app’s TOML file
  • Enabled api_access and network_access in extension’s TOML capabilities
  • Used useApi hook from @shopify/ui-extensions-react/customer-account to fetch session token

Issue:
When decoding the retrieved token with jwt.io, the “sub” claim is missing, contrary to what the official documentation indicates should be present. The developer has already redeployed and reinstalled the app multiple times without resolution.

Status: The issue remains unresolved with no responses yet. An image showing the decoded token structure is included to illustrate the missing claim.

Summarized with AI on October 27. AI used: claude-sonnet-4-5-20250929.
1

Hey,

Developing Customer Account UI Extension using official docs and I cannot get “sub” claim in session token. Before I receive standard “redeploy & reinstall it” response - done it multiple times already, did not make any difference.

I have specified “read_customers” scopes in app’s TOML file:

...
[access_scopes]
scopes = "read_customers"
...

I have specified below configuration in extension’s TOML file:

...
[extensions.capabilities]
api_access = true
network_access = true
...

And when executing below snippet:

...
import { useApi } from "@shopify/ui-extensions-react/customer-account";

const { sessionToken } = useApi();
sessionToken.get().then(token => console.log("Token:", token));
...

and decoding with jwt.io, it does not contain “sub” claim that should contain customer’s ID as described in docs here and here.

TristanGlt_0-1748844514430.png
TristanGlt_0-1748844514430.png325×527 18.2 KB

1 Like