You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
if someone is using another auth provider and supertokens (in cookie mode), and if in a request they add the other provider's token, and it sends back a 401, this will cause an infinite refresh loop if they are doing the other provider's auth in that API that is sending a 401.
This is a developer error mostly cause their API should not return a 401 or cause they are using the other provider's access token even if a supertokens' session exists.
We decided that we will add a limit on how many refreshes are done - 3 at max.
The text was updated successfully, but these errors were encountered:
if someone is using another auth provider and supertokens (in cookie mode), and if in a request they add the other provider's token, and it sends back a 401, this will cause an infinite refresh loop if they are doing the other provider's auth in that API that is sending a 401.
This is a developer error mostly cause their API should not return a 401 or cause they are using the other provider's access token even if a supertokens' session exists.
We decided that we will add a limit on how many refreshes are done - 3 at max.
The text was updated successfully, but these errors were encountered: