Access Token Blacklisting
Once this feature is enabled, each session verification attempt will result in a database call. This will make sure that if session revocation has taken place, access tokens on the front end will be stop working immediately.
On enabling this feature there will be a database call for each session verification attempt. This may slow down all of your API calls.
You can enable this feature by setting the value in the core config:
- With Docker
- Without Docker
docker run \
-p 3567:3567 \
-e ACCESS_TOKEN_BLACKLISTING=true \
# You need to add the following to the config.yaml file.
# The file path can be found by running the "supertokens --help" command
- Once updated, please make sure to restart the backend API layer which uses our backend SDK.
- For managed service, this values can be updated by visiting our dashboard.