Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Disable anti-csrf checks in header based auth

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, porcellus
Proposed by:
porcellus
Created:
2022-10-25

Context and Problem Statement#

We can disable anti-csrf checks in header based auth, because we already have extra headers to make sure it's not csrf.

Considered Options#

  • Leave in place
  • Disable

Decision Outcome#

Disable, since it simplifies usage.

Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react