Understood. Is there a way to disable that feature in Hasura and do token validation within the API itself? The end effect will be the same that if a user calls an API which needs a session but the user has not provided one, they will get a 401 error