Introducing SuperTokens: The Open-Source Auth Alternative That Is Easy to Self-Host

Introducing SuperTokens: The Open-Source Auth Alternative That Is Easy to Self-Host

Ashutosh Mishra's photo
Ashutosh Mishra
·Mar 30, 2022·

5 min read

Subscribe to my newsletter and never miss my upcoming articles

Listen to this article

Table of contents

Authentication and building a secure connection between two parties to pass information freely and securely have always been a part of human history. From secret code languages, specific sounds to modern identification numbers like Aadhar, all are efforts of the human mind to authenticate the right party.

This effort to authenticate the right person continued even after the invention of the web and we saw the rise of passwords, OTPs, biometrics, etc. as the different options to authenticate the user on the web.

As the internet evolved and the need for authentication raised even more, various user auth products like Firebase and AuthO came into play to make the process of authenticating users on the web smoother. The latest addition to the list of such excellent user auth products is SuperTokens.

What is SuperTokens?

homepage.png

  • SuperTokens is an open source user authentication alternative to AuthO, Firebase, AWS Cognito, etc. that is easy to self host and implement.

  • It provides a superfast and seamless implementation process for developers to quickly setup their authentication.

  • From the last few months, SuperTokens has been growing continuously not only with its product but also in its popularity and adoption.

  • In this month alone, it has achieved 5k stars on GitHub, been trending on GitHub in the Java category, and was featured by Fireship as one of the 10 very promising open source projects.

Features of SuperTokens

1. Open Source

This… pic.twitter.com/58SIkKsUV8

— SuperTokens (@supertokensio) January 29, 2022

Believe it or not, having open source technologies in your project is an added advantage, both for you and the developer community in general.

Open source projects are more secure, trustworthy, flexible, and less expensive than proprietary software.

I think, fundamentally, open source does tend to be more stable software. It's the right way to do things - Linus Torvalds

Apart from that, you always have the option to modify the open source software according to your need, the one which you lack in the proprietary world.

2. Customizable Frontend Themes

SuperTokens provides a fully customizable frontend UI with 4 default themes-

  • Default Theme

signin-default.png

  • Dark Theme

signin-dark.png

  • Hydrogen Theme

signin-hydrogen.png

  • Helium Theme

signin-helium.png

3. Quick Implementation

In today's fast paced world, having speed is a great necessity. This is one of the most amazing benefits of using SuperTokens. You don't have to wait for hours setting up your auth. 9 out of 10 developers finish their setup in under 45 minutes. I personally have implemented the email password login in under 10 minutes for my last project.

4. Multiple Recipes

According to SuperTokens, "A recipe is one independent auth module that can be consumed "as is". It can be consumed by users in their app, or by other recipes."

For example, the session recipe can be used as is in an app to provide its session management, but it is also used by other recipes (like email password / third party / email verification) (Source: SuperTokens)

Currently, SuperTokens offers 5 different recipes:

  1. Passwordless
  2. Email Password + Social Login
  3. Only Email Password Login
  4. Only Social Login
  5. Only Session Management

5. Self Host or Managed Service

You can self host SuperTokens auth entirely with Docker or without Docker(binary installation) using MySQL, PostgreSQL, or MongoDB as the database(SuperTokens don't offer login functionality with MongoDB yet, only session management).

The other option is using the SuperTokens Managed Service. To exploit this option, you have to first create a development environment.

  1. To do so, first sign up to SuperTokens.
  2. Select your region and follow the instructions until you land on your main dashboard. Here, you will be shown your connectionURI and API key.
  3. Connect your connectionURI and API key to your backend and follow the steps required to setup your favorite recipe.

Current SuperTokens recipes

1. Passwordless

passwordless.png

  • ✅ Sign in / up with OTP or/and magic link via SMS or email
  • ✅ Secure session management
  • ✅ Customise email or SMS
  • ✅ Integrate with your own email / SMS sending service

2. Email Password + Social Login

thirdpartyemailpassword.png

  • ✅ Sign-up / Sign-in with email and password or with OAuth 2.0 providers (Like Google, Facebook, etc.)
  • ✅ Forgot password flow using email
  • ✅ Secure session management
  • ✅ Email verification

3. Only Email Password Login

onlyemaillogin.png

  • ✅ Sign-up / Sign-in with email ID and password
  • ✅ Forgot password flow using email
  • ✅ Secure session management
  • ✅ Email verification

4. Only Social Login

onlysociallogin.png

  • ✅ Sign-up / Sign-in with OAuth 2.0 providers (Like Google, Facebook, etc.)
  • ✅ Secure session management
  • ✅ Email verification

5. Only Session Management

onlysessionmanagmenet.png

  • ✅ Session management (access token + rotating refresh tokens)
  • ✅ Read / Add / Edit user roles in your APIs and the frontend
  • ✅ Protect website routes that need authentication
  • ✅ Sign out feature
  • ✅ Ban / Unban users and revoke sessions

How SuperTokens work?

  1. SuperTokens has a frontend, backend, and core. These three communicate with each other to implement the complete authentication.

one.png

  1. SuperTokens frontend provides you prebuilt UI for various recipes which you can add to your website.

two.png

  1. Backend SDK adds authentication APIs to your backend. E.g: Sign in, Sign up. The Backend SDK is within your API layer.

three.png

  1. Frontend SDK calls the APIs exposed by the Backend SDK.

four.png

  1. SuperTokens core is a separate instance that contains the core logic for the auth. You can either run it at your own server or host it with SuperTokens.

five.png

  1. Backend SDK calls the core to persist user data.

six.png

Upcoming Features

This is just the beginning of the journey and SuperTokens as a product will improve a lot in the coming months and bring many more amazing features to the product.

If you liked what SuperTokens is doing and want to help the product grow, consider upvoting for the features you like on the Product Roadmap page and you will be notified once the feature goes live.

Currently, SuperTokens is also working on the 2-factor authentication feature.

Need more Updates?

If you became a SuperTokens fan after reading this blog post and want to know more about the product, checkout SuperTokens.com

Checkout current recipes here and give SuperTokens a star on GitHub.

For any other questions or queries, visit our Discord server

 
Share this