POC: Switch Authentication Provider to Frontegg

Open victor-enogwe opened this issue 4 months ago • 1 comments

Goal

Demonstrate a proof-of-concept (POC) migration from SuperTokens to Frontegg for authentication/session management, as part of the broader provider switch initiative (Switch Authentication Provider: Research, Selection, and Migration).

Integrate Frontegg's authentication & session management module into a branch
Replicate core auth flows:
- Sign up and login (email/password, social if available)
- Idle session timeout configuration (simulate >24hr inactivity and verify session refresh/expiry mechanics)
- Session revocation and concurrent session limit tests
Ensure to keep the old supertokens setup files.
Compare session reliability and developer ergonomics to current SuperTokens integration
Document any SDK, dashboard, or config changes vs expectations from research
Note any blockers for migration (e.g., user data export, password hashing, custom roles/RBAC edge cases)
Deploy POC to staging

Frontegg integration builds and runs on a test deployment
All primary auth/session flows work (happy paths, session refresh, inactivity logout, role assignment)
Idle session timeout works as configured (24h+ inactivity is tested, no silent refresh bug)
Session revocation and session self-management (portal or API) function as expected
Documentation covers setup, key config, results of idle session and concurrency tests

For full migration, see research/selection notes and cost analysis in parent epic.

Nov 11 '25 00:11 victor-enogwe

Pushed back after auth/session got working in #1227

Nov 17 '25 01:11 tyler-dane