Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Core

This is a http microservice written in Java and is responsible for interfacing with the db and providing a set of APIs (CDI spec) that the backend SDK can use. The primary purpose of this SDK is to:

  • Reading / writing to the db
  • A lot of the "core" logic
    • For example, how the session tokens are created
    • The db query logic to make sure that there are no duplicate userIds being created
    • Cronjobs to remove sessions that have expired.
    • Storing and verifying password hashes (and salt).
  • Provide an in memory db (using SQLite) that implements the plugin interface - so that users can quickly get started without actually connecting it to a db. This also helps with testing.

For the various operations need to interface with the db, and that is done via an interface called the plugin interface.

Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react