[Open this suggestion in Promptless to view citations and reasoning
process](https://app.gopromptless.ai/change-history/ea7c7471-778d-42ea-9845-fa380f013560)
Documents the new `is_restricted` and `restricted_reason` JWT claims
introduced for the onboarding/restricted users feature. Updates the JWT
documentation to explain these fields in the claims section, adds them
to the example payload, documents the restricted user token structure,
and adds the `include_restricted` JWKS parameter for manual token
verification.
### Trigger Events
<details>
<summary><a
href="e400985754...de0f937f46">stack-auth/stack-auth
commit (dev): de0f937 [CHANGELOG] - 2026.01.21</a></summary>
<br>
**Promptless Research** (1 webpage, 1 GitHub PR)
- [Read webpage from
github.com](e400985754...de0f937f46)
- [Reviewed
stack-auth/stack-auth#1069](https://github.com/stack-auth/stack-auth/pull/1069)
**Agent Response**
> I've completed my analysis of the changelog entry and created the
necessary documentation update.
>
> ## Summary
>
> After reviewing the changelog entry for **2026.01.21**, I identified:
>
> ### Already Covered by Existing Suggestions
> The payment-related items were already documented by existing
suggestions:
> - **Payments Settings page** → covered by the "Document payment
settings" suggestion
> - **Subscription renewal emails** → covered by the "Document payment
email templates" suggestion
> - **Invoice visibility** → covered by the "Document invoice listing
feature" suggestion
>
> ### New Documentation Created
> I created a new suggestion to address the remaining item: **"Updated
JWT documentation to include `isRestricted` and `restrictedReason`"**
>
> The suggestion updates the JWT Tokens documentation with:
> - **New claims documentation**: Added `is_restricted` (boolean) and
`restricted_reason` (nullable object with `type` field) to the Stack
Auth Specific Claims section
> - **Updated example payload**: Added the new fields to the example JWT
payload
> - **Restricted user tokens**: Documented how restricted user tokens
differ (`:restricted` audience suffix)
> - **JWKS parameter**: Added documentation for the
`include_restricted=true` parameter in the Manual JWT Verification
section
>
> These fields were introduced in PR #1069 "Onboarding app & restricted
users" to support the new onboarding flow where users who haven't
completed requirements (like email verification) are marked as
"restricted."
</details>
---
**Help us improve Promptless** — If this suggestion missed the mark,
please [share quick
feedback](https://app.gopromptless.ai/change-history/ea7c7471-778d-42ea-9845-fa380f013560?openFeedback=1).
*If you want Promptless to make further changes on this PR, feel free to
leave a comment tagging Promptless (It won't show up in the user drop
down but Promptless will get it!)*
---------
Co-authored-by: promptless[bot] <179508745+promptless[bot]@users.noreply.github.com>
Co-authored-by: Madison <madison.w.kennedy@gmail.com>
59b834ae4b