Super Tokens Code Data Reference

This document discusses SuperTokens, an end-to-end and secure session management solution. It is organized into modules called recipes that handle different parts of authentication. Recipes can be added and initialized to implement full authentication and authorization. SuperTokens also supports ReactJS and NestJS. It allows for customization by overriding feature methods. The document also covers session management with SuperTokens across different subdomains or tenants, and integrating roles and permissions.

Uploaded by aaron

Super Tokens

Introduction
Frontend and Backend
Session Management
Problems
Supertokens with BoxyHQ
Roles and Permissions

Introduction
→ SuperTokens is an end-to-end, secure session management solution for web and mobile applications.

→ It makes authentication and authorization easy to implement, and it uses cookies that contain the access and refresh tokens.

→ SuperTokens handles authentication in several ways:

1. It provides recipes for building authentication.

a. Recipes - SuperTokens is organized into modules that each handle a specific part of the overall authentication experience; these modules are called recipes.

2. Adding and initializing these recipes in our application lets us implement the whole authentication and authorization flow.

3. It supports ReactJS as well as NestJS.

→ It is easy to integrate, and it lets us override the feature methods, which allows customization.

Frontend and Backend
Frontend

Backend

Session Management
Case 1: Scheduler and planner each have a different session (one-login-per-subdomain).

Note: Both products use the same login credentials, but because the sessions are different, the user needs to log in again for each product.

a) We can keep x-tenant-id in accessTokenPayload or in headers.

Case 2: Scheduler and planner share the same session (one-login-many-subdomains).

Approach 1

a. We cannot keep x-tenant-id in accessTokenPayload, because the two products can have different x-tenant-id values for the same tenant. But we can keep the company/tenant name in accessTokenPayload and use that in the backend.

Approach 2

a. The scheduler and planner frontends can each fetch their tenant_info (x-tenant-id) after login, then intercept every request and pass x-tenant-id in the headers.
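
The two Case 2 approaches can be combined in one backend check, shown here as an added example that is not part of the original notes and does not call the SuperTokens SDK. The directory contents, the `tenantName` payload field and all function names are assumptions made for illustration; the point is that the client-supplied x-tenant-id header is only accepted when it agrees with the tenant name bound to the session.

```javascript
// Added example. Constructed data: one tenant name maps to a different
// x-tenant-id in each product, which is why the id cannot live in the shared session.
const TENANT_DIRECTORY = new Map([
  ["acme", new Map([["scheduler", "sch-101"], ["planner", "pln-900"]])],
  ["globex", new Map([["scheduler", "sch-202"], ["planner", "pln-901"]])],
]);

// Approach 1: derive the product-specific tenant id from the tenant name
// stored in the session's access token payload (field name is an assumption).
function tenantIdFromSession(accessTokenPayload, product) {
  const perProduct = TENANT_DIRECTORY.get(accessTokenPayload?.tenantName);
  return perProduct?.get(product) ?? null;
}

// Approach 2, frontend side: interceptor that adds x-tenant-id to a request.
function withTenantHeader(request, tenantInfo) {
  return {
    ...request,
    headers: { ...request.headers, "x-tenant-id": tenantInfo.tenantId },
  };
}

// Backend side: the header is client-controlled, so it is compared with the
// value derived from the session before any tenant-scoped work is done.
function resolveTenant(request, accessTokenPayload, product) {
  const expected = tenantIdFromSession(accessTokenPayload, product);
  if (expected === null) {
    return { ok: false, reason: "unknown tenant or product" };
  }
  const supplied = request.headers["x-tenant-id"];
  if (supplied === undefined) {
    return { ok: true, tenantId: expected, source: "session" };
  }
  if (supplied !== expected) {
    return { ok: false, reason: "x-tenant-id does not match session tenant" };
  }
  return { ok: true, tenantId: expected, source: "header" };
}
```
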

Problems
Role of the tenant in SAML Jackson

Tenant config in the SuperTokens DB

Usage of hook - replication of previous approach

Supertokens with BoxyHQ


Supertokens with SAML

Roles and Permissions


CASL Integration

Integration With BoxyHQ with SSO
