Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Use the JWT recipe to create id-tokens

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, porcellus
Proposed by:
porcellus
Created:
2023-05-11

Context and Problem Statement#

We need to create id tokens

Considered Options#

  • Add them into oauth2 endpoints
  • Add a specific id token endpoint into oauth2
  • Use the existing JWT recipe

Decision Outcome#

Chosen option: Use the existing JWT recipe

  • Simplifies the OAuth2 recipe
  • There is nothing we need to validate/store about the id tokens
  • The overhead of multiple calls should be OK, since these are not often used operations + calls to the Core should be very quick

Pros and Cons of the Options#

Add them into oauth2 endpoints#

  • No new endpoint needed
  • Single request call for each operation
  • Bloats the response of those endpoints
  • Add a specific id token endpoint into oauth2#

  • No response body bloat
  • Requires adding a new endpoint
  • Multiple request calls per operation
  • Use the existing JWT recipe#

  • No response body bloat
  • No new endpoint needed
  • Simplifies the new recipe
  • Multiple request calls per operation