Skip to main content

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Offline access can be disabled by overrides on the BE


This is just a proposal so far, it hasn't been accepted and needs further discussion.

rishabhpoddar, porcellus
Proposed by:

Context and Problem Statement#

We need to decide where/how a user can disable the refresh token flow (offline access) for a particular client

Considered Options#

  • Disabled by overrides on the BE
  • Defined during client creation

Decision Outcome#

Chosen option: Disabled by overrides on the BE

  • Simpler
  • We can add this switch later if required

Pros and Cons of the Options#

Disabled by overrides on the BE#

  • Simple
  • We can add a the switch later if required
  • Can be harder to use if the user only wants to disable it for specific clients
  • Defined during client creation#

  • No client DB required in the App (for this purpose)