Access Token Blacklisting
Once this feature is enabled, each session verification attempt results in a database call. This ensures that once a session has been revoked, its access tokens on the frontend stop working immediately.
caution
On enabling this feature there will be a database call for each session verification attempt. This may slow down all of your API calls.
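The trade-off described above, shown as an added sketch that is not SuperTokens code: a toy HMAC-signed token and an in-memory dict standing in for the core's database. All names (`issue_token`, `verify`, `revoke`, `SESSIONS`, `STATS`) are hypothetical.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"           # constructed signing key for this demo
SESSIONS = {"sess-1": {"user": "alice"}}   # stand-in for the core's session table
STATS = {"db_calls": 0}                    # lookups made during verification


def _sign(body):
    return hmac.new(SECRET, body, hashlib.sha256).hexdigest().encode()


def issue_token(session_handle, ttl=3600, now=None):
    """Return a signed access token bound to a session handle."""
    now = time.time() if now is None else now
    claims = {"sh": session_handle, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return body + b"." + _sign(body)


def verify(token, blacklisting, now=None):
    """Check signature and expiry; hit the session store only if blacklisting is on."""
    now = time.time() if now is None else now
    body, _, sig = token.rpartition(b".")
    if not hmac.compare_digest(sig, _sign(body)):
        return False
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["exp"] <= now:
        return False
    if blacklisting:
        STATS["db_calls"] += 1             # the per-request cost the caution refers to
        return claims["sh"] in SESSIONS    # revoked session: rejected immediately
    return True                            # stateless: token is trusted until it expires


def revoke(session_handle):
    """Delete the session, as a logout or admin revocation would."""
    SESSIONS.pop(session_handle, None)


if __name__ == "__main__":
    token = issue_token("sess-1")
    revoke("sess-1")
    print("blacklisting off:", verify(token, blacklisting=False))
    print("blacklisting on: ", verify(token, blacklisting=True))
    print("db calls:", STATS["db_calls"])
```

Without the lookup, a revoked session's access token keeps verifying until its expiry, so that window is bounded only by the access token lifetime.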
You can enable this feature by setting the value in the core config:
- With Docker
    docker run \
      -p 3567:3567 \
      -e ACCESS_TOKEN_BLACKLISTING=true \
      -d registry.supertokens.io/supertokens/supertokens-<db_name>
- Without Docker
    # You need to add the following to the config.yaml file.
    # The file path can be found by running the "supertokens --help" command
    access_token_blacklisting: true
important
- Once updated, please make sure to restart the backend API layer which uses our backend SDK.
- For the managed service, this value can be updated by visiting our dashboard.