Replaces Auth0 and AWS Cognito with a self-hosted, database-agnostic authentication engine. Features session management with rotating refresh tokens to prevent token theft and mitigate XSS attacks.
Tech Stack
JavaBackend & Auth
Why supertokens-core?
• Prevents session hijacking via token rotation
• No vendor lock-in for user data
• Low latency due to local hosting
Limitations
• Requires managing database infrastructure
• Java dependency for the core service
• UI customization requires frontend work
3/6/2026
Last Update
644
Forks
153
Issues
Other
License
Financial Leak Detected
Stop the "SaaS Tax"
Your team could be burning cash. Switching to supertokens-core instantly boosts your runway.
