I'm using a custom UI, and I've broken the SuperTokens auth core / api out to a dedicated server ( it does not share the server with my application api ). If I wanted to go about securing the API as a microservice, is there good documentation on that?
The backend api should be able to verify the session coming from the front end, against the separate auth server.
05/06/2023, 4:56 AM
hey @Vaune_ for this, enable JWT based sessions, fetch the JWT on the frontend and add it to the request headers when calling your API.
Your api can then do regular JWT auth
05/06/2023, 4:42 PM
Thanks, will give it a shot!
Where can I get the verify signature when validating on the backend api?