SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hey I'm trying to find out a bit more information about how JWT expiry with regards to the refresh token flow. Is all of this seamless so that I'll end up getting new JWT updated every ~1 hour with the refresh flow happening implicitly in the backend?

For context, I'm trying to figure out how to properly handle subscriptions with Hasura where the token is only passed during the initial Websocket handshake

Yea. It is seamless. You get a new JWT automatically due to refreshing.

Thanks <@498057949541826571>! Can I control how long the access token is valid for? I'd like to do some experiments with much shorter lived tokens so that I can verify the correct behavior for cleaning up websocket connections once a new JWT is available

Yes. See this please: https://supertokens.com/docs/session/common-customizations/sessions/change-session-timeout