What is SuperTokens?
SuperTokens is the most secure solution for user session management – enabling robust prevention and detection of attacks.
SuperTokens mitigates all types of attacks (XSS, MITM, session fixation, CSRF, etc.) and is unique in its ability to reliably detect session theft (as per the official OAuth 2.0 specifications in RFC 6819). The library has solved the scalability, race-condition, and failure issues usually associated with this.
It can be rapidly integrated within a few days.

What is user session management?
Digital services (e.g. Facebook, Slack, etc.) store authentication tokens on the user’s device, enabling the user to access the service without needing to use their login credentials on every API request. Session management is the system through which these tokens are created, stored and validated.

What's the problem?
A stolen token can provide significant access to a user’s account, and these tokens are far more susceptible to theft than passwords (they have a much higher frequency of transit and are stored on the frontend). Session management is incredibly important, and several notable hacks have occurred as a result of token theft (Docker Hub ~200k accounts compromised, Facebook 50-90M accounts compromised). Many companies implement a very basic session management flow due to the pressure of product timelines, with security becoming a low-order priority.

Additional Info

Founder(s): Advait Ruia
Bootstrapped or Raised?: Bootstrapped
Team Size: 10
Year Founded: 2019
Company Tagline: The new standard for session management
Hiring: Yes