Hi! In the docs there is "access token payload", "...
# support-questions-legacyn
nitedani
02/18/2023, 3:47 PMHi! In the docs there is "access token payload", "jwt" and "When using SuperTokens our default session management solution will suffice for most use cases. You do not need to use JWTs unless you want to." Is the access token not a jwt by default? It's unclear to me. Then, is the payload some custom format?
r
rp_st
02/18/2023, 3:49 PMHey @nitedani
rp_st
02/18/2023, 3:49 PMThe access token is a stateless session cookie
rp_st
02/18/2023, 3:50 PMBut it’s a valid JWT
n
nitedani
02/18/2023, 3:50 PMso the claims are synced by supertokens for me?
r
rp_st
02/18/2023, 3:50 PMBy supertokens
n
nitedani
02/18/2023, 3:50 PMits not transferred in the payload
r
rp_st
02/18/2023, 3:50 PMIt is
rp_st
02/18/2023, 3:50 PMThe custom payload you add is added to our access token and to the JWT (if you have enabled the JWT feature)
n
nitedani
02/18/2023, 3:54 PMI can modify the access token payload and store custom state in it. How is it stateless? To me it seems it works just like a jwt.
r
rp_st
02/18/2023, 3:55 PMYea it is similar to a JWT. When i said stateless, i meant that the verification of it is stateless.
n
nitedani
02/18/2023, 3:58 PMI see. So the JWT part in the docs for if I wanted to parse/verify the access token with my custom logic, for example in an external service
r
rp_st
02/18/2023, 3:59 PMCorrect.
rp_st
02/18/2023, 3:59 PMIf you don't have any external service, you don't need to worry about the JWT stuff and can ignore that entire docs section.
3 Views