fix: use NES user id for cli amplitude events by facundo-herodevs · Pull Request #526 · herodevs/cli

facundo-herodevs · 2026-03-24T18:04:50Z

Summary

This PR updates CLI analytics so Amplitude uses the NES user ID as the canonical user_id, matching the identifier used downstream by eol-api.

Updated CLI analytics identity resolution to use nes.identity from the JWT instead of relying on sub.
Normalized nes.identity so it works whether the claim is returned as a string or number.
Kept the existing behavior of not falling back to sub when nes.identity is missing.
Simplified the analytics identity flow in analytics.svc.ts by removing unnecessary intermediate mapping.
Removed the temporary auth_sub handling from the CLI after confirming the real access token used by the CLI does not include a sub claim.

Amplitude events emitted by the CLI now use the same canonical user identifier as eol-api.
CLI analytics no longer depend on Keycloak sub for user identification.
The implementation is smaller and more explicit about the source of truth for user_id.

fix: use NES user id for cli amplitude events

c5d0e60

facundo-herodevs requested a review from a team as a code owner March 24, 2026 18:04

jeremymwells approved these changes Mar 24, 2026

View reviewed changes

v3nant approved these changes Mar 24, 2026

View reviewed changes

facundo-herodevs merged commit e25556b into main Mar 25, 2026
12 checks passed

facundo-herodevs deleted the 664-fix-identity-id branch March 25, 2026 12:11