Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

How to attach the auth mode preference to requests

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, porcellus
Proposed by:
porcellus
Created:
2022-10-25

Context and Problem Statement#

We have to add the auth method choice (header or cookies) to requests.

Considered Options#

  • Reuse the rid header
  • New header
  • Cookie

Decision Outcome#

New header: st-auth-method values: header | cookie

Pros and Cons of the Options#

Reuse the rid#

  • No new config
  • Harder to communicate
  • The naming can be confusing
  • New header#

  • May require addition config/changing existing configs (e.g.: AWS, cors in some cases)
  • Easy to explain
  • Simple
  • Cookie#

  • We can't use cookies in all situations
  • Harder to use manually