So that would throw an error in case of a session refresh is needed. The error should then go straight to the error handling logic here: https://supertokens.com/docs/thirdpartyemailpassword/nestjs/guide#6-add-the-supertokens-error-handler I wonder why it would call the graphql part at all in this case..