Skip to main content

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

How to attach the auth mode preference to requests


This is just a proposal so far, it hasn't been accepted and needs further discussion.

rishabhpoddar, porcellus
Proposed by:

Context and Problem Statement#

We have to add the auth method choice (header or cookies) to requests.

Considered Options#

  • Reuse the rid header
  • New header
  • Cookie

Decision Outcome#

New header: st-auth-method values: header | cookie

Pros and Cons of the Options#

Reuse the rid#

  • No new config
  • Harder to communicate
  • The naming can be confusing
  • New header#

  • May require addition config/changing existing configs (e.g.: AWS, cors in some cases)
  • Easy to explain
  • Simple
  • Cookie#

  • We can't use cookies in all situations
  • Harder to use manually
  • Looking for older versions of the documentation?
    Which UI do you use?
    Custom UI
    Pre built UI