TeamFromToken returns the cloud team (`tm` claim) embedded in a cqpd_ token, or "" if absent/malformed. The CLI uses it to target the team-scoped plugin-download / usage endpoints (and premium entitlement) from the token alone — no `cloudquery login`. Read without verifying the signature; cloud stil
(token string)
| 239 | // alone — no `cloudquery login`. Read without verifying the signature; cloud |
| 240 | // still authenticates the token. |
| 241 | func TeamFromToken(token string) string { |
| 242 | _, team := decodeCQPDClaims(token) |
| 243 | return team |
| 244 | } |
| 245 | |
| 246 | // decodeCQPDClaims reads the unverified claims payload of a cqpd_ token. The CLI |
| 247 | // only needs routing/identity hints (api_url, team) to decide where and as whom |