Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Deprecate JWT option once the access token is a proper JWT itself

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, porcellus
Proposed by:
porcellus
Created:
2022-10-25

Context and Problem Statement#

We want to make our access token into a valid JWT. So, in the future the jwt setting will be "replaced" with just setting the auth mode to header. We need to decide a deprecation/migration path.

Considered Options#

  • Add deprecation warning and throw an error if the jwt setting is turned on.
  • Keep the jwt option.

Decision Outcome#

Once we make the entire access token into a JWT:

  • Add deprecation warning and throw an error if the jwt setting is turned with a migration link.
  • Add a function to the FE to access the entire access token as a string.

Until then: the auth mode and jwt options are entirely independent, the jwt can be accessed through the access token payload in both auth modes.

Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react