I was looking for a very similar use case, with a couple of exceptions:
- I know my auth method accessor
- I have multiple aliases from the same auth method accessor tied to a single entity
- When using {{identity.entity.aliases.auth_jwt_abcdef12.metadata.meta_key}} it returns the value from the first alias in the entity’s alias map, not the value from the alias that generated the token.
- I figured a workaround would be something similar to what OP has suggested, making a policy templating value available where {{token.meta.meta_key}} could be referenced safely, assuming all auth methods were managed solely by the administration team or measures were taken using allowed_parameters in a delegation model.
Anyway, it doesn’t seem like it’s available, and it would certainly fill at least two use cases.