This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.
This is just a proposal so far, it hasn't been accepted and needs further discussion.
Since our access tokens will match standard JWTs, we can switch to using a jwt verification library with key caching instead of our own implementation.
- Keep using our own implementation
- Switch to an external library
We should switch to an external library
- Our code gets smaller
- We use the same method we will recommend to people if they aren't using our SDKs
- The JWKs endpoint we use is the one exposed by the Core, since the one provided by the backend SDK could be disabled.