Access token blacklisting
- Access token blacklisting allows immediate logout of the user using that session, regardless of the access token's lifetime, effectively the access token is invalidated.
- Enabling this feature does not take up any extra database space, but will result in a performance penalty due to a database query for each API call that requires authentication.
Usage
To enable access token blacklisting in SuperTokens, it must be enabled in the core.
docker run \
-p 3567:3567 \
-e ACCESS_TOKEN_BLACKLISTING=true \
-d supertokens/supertokens-<db name>
# You need to add the following to the config.yaml file.
# The file path can be found by running the "supertokens --help" command
access_token_blacklisting: true