Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Validation of AdditionalConfig of a provider config in the core

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, sattvikc
Proposed by:
sattvikc
Created:
2022-12-08

Context and Problem Statement#

Should the additionalConfig (provider specific) (such as hd for google workspaces, keyId, teamId etc for apple) validated in core, while adding or updating them?

Considered Options#

  • Yes, Validate in core
  • No provider specific validation in core

Decision Outcome#

Chosen option: Yes, Validate in core, because

  • Reduces run time error by ensuring that the correct config is added to the database
  • No major drawback of this approach

Pros and Cons of the Options#

Yes, Validate in core#

This means that the core will validate the provider specific additionalConfig, before saving in the database. Also, adding a noVerify flag to the core API to let the user skip the validation.

  • Reduces run time error by ensuring that the correct config is added to the database
  • If core is not upgraded, configs for newly supported providers will not be validated. This is equivalent to the other option under consideration and doesn't prove to be a major disadvantage

    • No provider specific validation in core#

  • Lesser development effort
  • Likely to cause more run time errors due to invalid configs stored in the core
    • Which frontend SDK do you use?
    supertokens-web-js / mobile
    supertokens-auth-react