Skip to main content

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Use a standard JWT verification lib on the BE


This is just a proposal so far, it hasn't been accepted and needs further discussion.

rishabhpoddar, porcellus
Proposed by:

Context and Problem Statement#

Since our access tokens will match standard JWTs, we can switch to using a jwt verification library with key caching instead of our own implementation.

Considered Options#

  • Keep using our own implementation
  • Switch to an external library

Decision Outcome#

We should switch to an external library

  • Our code gets smaller
  • We use the same method we will recommend to people if they aren't using our SDKs
  • The JWKs endpoint we use is the one exposed by the Core, since the one provided by the backend SDK could be disabled.
Looking for older versions of the documentation?
Which UI do you use?
Custom UI
Pre built UI