Hey, when setting custom claims in the access toke...
# support-questions
j
Hey, when setting custom claims in the access token where is the best place to do that? Using refreshPOST override, or make it a side effect in an api call which is called by the frontend as part of the login process? I've been reading through the docs and I can see a few examples of doing it for a /login route but just struggling to understand is that overriding a login route provided ootb by supertokens or is it in addition to the normal flows?
r
The best place would be to override the createNewSession function in the session.init config
j
Is there an example somewhere in the docs for that?
j
Whats the difference between thirdpartyemailpassword vs emailpassword?
Out of interest, and thanks!
Not sure how I missed this, obvious in hindsight
r
Thirdpartyemailpassword has social login + email password login