Hi,
The session object we create in the GW for this request is on the user (const subjectClaimName = “sub”),
But in Tyk we use a policy to manage a collection of tyk’s generated keys (manage Rate-limit, Quota and ACL), so in a similar manager we will manage the jwts. All the users of a certain client_id will share the same policy, i.e same Rate-limit, Quota and ACL.
This is the place in the code tyk/mw_openid.go at 90fab7335a3eb16091b2fb4298523f4454ad33e0 · TykTechnologies/tyk · GitHub, feel free to verify that.