import SuperTokens from 'supertokens-website'; let payload = await SuperTokens.getJWTPayloadSecurely();
let payload = await supertokens.getJWTPayloadSecurely();
Promise<JSON object> or throws an error in case reading failed.
- This does not read from the access token, since that is in
httpOnlycookie. Instead, it reads from another token that contains a copy of the payload in the access token.
- This is not a security issue since the access token payload by itself is not enough to grant access to an API.