important
This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.
supertokens-auth-reactDeprecate JWT option once the access token is a proper JWT itself
Status
This is just a proposal so far, it hasn't been accepted and needs further discussion.
- Status:
- proposed
- Deciders:
- rishabhpoddar, porcellus
- Proposed by:
- porcellus
- Created:
- 2022-10-25
- Last updated:
- 2023-01-02
Context and Problem Statement#
We want to make our access token into a valid JWT. So, in the future the jwt setting will be "replaced" with just setting the auth mode to header. We need to decide a deprecation/migration path.
Considered Options#
- Add deprecation warning if the jwt setting is turned on.
- Keep the jwt option.
Decision Outcome#
Once we make the entire access token into a JWT:
- Add deprecation warning with a migration link and set
exposeAccessTokenToFrontendInCookieBasedAuthto true. See here - Add a function to the FE to access the entire access token as a string.
Until then: the auth mode and jwt options are entirely independent, the jwt can be accessed through the access token payload in both auth modes.