SuperTokens
Powered by JAIRF v1.0.0 by Jentic · open methodology at /the-headless-index/methodology
Scorecard detail
SuperTokens is open-source auth with a Core service exposing a REST API plus backend SDKs in Node, Python, Go, and Java. The architecture splits between the Core service and the framework drivers, which keeps the protocol layer self-host friendly. Strong developer mindshare on Hacker News and YC alumni groups.
signals (6)
- +AI review appliedReviewer: Editorial review on 2026-05-20
- −OpenAPI specNot found across 17 probe paths
- −GraphQL endpointNot discovered (5 probes; project-scoped endpoints require a real project ID)
- +SDKs maintained12 (dotnet, go, java, javascript, python, swift, typescript); top by stars: supertokens/supertokens-node (329 stars)
- +SDK recency2 of 12 SDK repos pushed within 30 days (most recent SDK commit: 2026-05-06)
- +npm weekly downloads130.9k across published packages; top: supertokens-node @ 64.4k/week
cite (2)
- github.sdks@2026-05-20
- ai_review_browser.sdks@2026-05-20
User flows, sessions, MFA, social login, passwordless, and roles are all programmable via the Core API. Self-hosted deployments expose the same surface as the managed Cloud. CLI tooling is limited but the SDK-first model is consistent across languages.
signals (9)
- +AI review appliedReviewer: Editorial review on 2026-05-20
- −API operations exposedNo OpenAPI spec; operations count unknown
- ·Docs pages crawled0 pages (crawler: none)
- ·Auth schemes documentedAuth documentation page not reached by crawler
- ·Setup / quickstart docsNot reached by crawler
- ·Billing docsNot reached by crawler
- ·Teams / org docsNot reached by crawler
- ·CLI docsNot reached by crawler
- ·Schema / data model docsNot reached by crawler
cite (1)
- github.sdks@2026-05-20
No first-party SuperTokens MCP server has been published. Community wrappers exist for agentic flows; the official posture remains focused on the identity-as-code use case.
signals (4)
- +AI review appliedReviewer: Editorial review on 2026-05-20
- +Official MCP serverhttps://github.com/supertokens/mcp-plugin (0 stars, last commit 285 days ago)
- −Community MCP serversNone found
- +Agent-friendly SDKs6 TS/JS SDKs available; top: supertokens-node (64.4k/week downloads)
cite (1)
- mcp.found@2026-05-20
Core REST API is documented in detail; the open-source codebase in supertokens/supertokens-core is the implicit schema reference. No canonical OpenAPI URL is prominently exposed.
signals (3)
- +AI review appliedReviewer: Editorial review on 2026-05-20
- −OpenAPINot discovered across 17 standard probe paths
- −GraphQL introspectionNo GraphQL endpoint discovered (5 probes; some vendors use project-scoped endpoints that require a real project handle)
cite (1)
- openapi.discovered@2026-05-20
Override functions in the SDK serve as webhook-ish hooks for identity events. A dedicated webhook delivery product is less central than the SDK override pattern. The eventing story is more code-driven than configuration-driven.
signals (2)
- +AI review appliedReviewer: Editorial review on 2026-05-20
- ·Webhook docs pageNot reached by crawler within budget (0 pages crawled). Cannot confirm whether vendor offers webhooks.
cite (1)
- ai_review_browser.webhooks@2026-05-20
This vendor does not publish a public OpenAPI specification. JAIRF cannot be computed. The Headless Index score and editorial verdict carry the readiness assessment.
No public OpenAPI specification discovered during collection
Powered by JAIRF v1.0.0 by Jentic
Band rationale:C band: scores 40-75 range
Show SuperTokens's score on your site.
Drop a live badge into your README, footer, or marketing page. It updates automatically when we re-score, and every embed is a dofollow link back here.