Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Handling statically and dynamically configured clients list for each provider

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, sattvikc
Proposed by:
sattvikc
Created:
2022-12-08

Context and Problem Statement#

For each provider, we allow a list of clients to be configured. Each client refers to the credentials to be used with a particular clientType, such as web, mobile, etc.

When a provider is declared statically in the code and also add in the core, we now have two lists of clients. How do we consolidate it?

Considered Options#

  • Use the clients list from the core
  • Merge the static list and the list from the core using clientType

Decision Outcome#

Chosen option: Merge the static list and the list from the core using clientType, because

  • When a same set of client configs are used across sevaral tenants, it can be statically declared and not added in the core.
  • Easy to override the client config, if it needs to be changed for a particular tenant and/or for a particular clientType.

Pros and Cons of the Options#

Use the clients list from the core#

In this approach, we just ignore the clients list in the static config and just use the list from the core.

  • Clients list must be duplicated in core for each tenant, even if using the same set of client configs across several tenants.

    • Merge the static list and the list from the core using clientType#

    In this approach, we start with the static clients list and do the following:

    For each client config in the core, we check if there is a client config with the same clientType in the static list. If there is, we replace the entire client object with the one coming from the core. If there is no client config with the same clientType, we add the client config from the core to the list.

  • Can declare unchanging clients list in the code and add the changing ones in the core
  • We may end up with extra clients from the static list, which may not be used by a particular tenant

    • Example

    if the static config has following clients:

    {
      thirdPartyId: "google",
      clients: [
        {
          clientType: "web",
          clientId: "clientid1",
          clientSecret: "clientsecret1"
        },
        {
          clientType: "mobile",
          clientId: "clientid2",
          clientSecret: "clientsecret2"
        },
      ]
    }

    and the core has the following clients, for a particular tenant:

    {
      thirdPartyId: "google",
      clients: [
        {
          clientType: "web",
          clientId: "clientid_tenant1",
          clientSecret: "clientsecret_tenant1"
        },
      ]
    }

    The consolidated clients list use would be:

    {
      thirdPartyId: "google",
      clients: [
        {
          clientType: "web",
          clientId: "clientid_tenant1",
          clientSecret: "clientsecret_tenant1"
        },
        {
          clientType: "mobile",
          clientId: "clientid2",
          clientSecret: "clientsecret2"
        },
      ]
    }
    Which frontend SDK do you use?
    supertokens-web-js / mobile
    supertokens-auth-react