Oh great. About my original question, will I need to implement a reverse proxy as described here? https://github.com/supertokens/supertokens-core/issues/280

Is this the relevant docs with Hasura? https://hasura.io/docs/latest/graphql/core/deployment/enable-https.html

Let me know if there's docs on your site that explain how reverse proxy's work. I dont understand them

You would need a reverse proxy. Yes.

Do you have any other API backend other than hasura?

Only some serverless functions with Vercel

Give me sometime. I’ll reply in a bit 🙂

@User , you would need to host your own backend that integrates with SuperTokens' backend SDK. This backend could be reachable via a sub domain of your frontend. It would expose all the APIs that are provided by supertokens, which your frontend would use. Then there are three methods for auth with Hasura 1) After a user is logged in, you could extract a JWT from the session and pass that to Hasura for auth. Extracting a JWT is still a feature that's work in progress.. It should be avaialbel in 1-2 weeks from now. 2) You could proxy requests to Hasura via your backend API layer which would use our

verifySession

middleware. 3) You could store the user's session ID on the frontend and pass that to Hasura when you query it. Then Hasura can use a custom auth hook to query SuperTokens' core to check if the session ID is valid or not. ---------------------- Out of these, number (2) is the most secure since it doesn't expose any of the session tokens to the frontend (therby preventing token theft via XSS attacks) (1) is the most popular since it's easy to use. ---------------------- Anyhow, you would need to host an API server which would integrate with SuperTokens' backend SDK.

hjust wanted to say I'm really impressed with super tokens

my biggest complaint with Auth0 specifically was their damn documentation being terrible if not incomplete if not even worse than that at times

Thank you @Deleted User ! 🙏

Hey, it's me again I tried to connect my frontend to the backend now, and i have set apiDomain to 'http://localhost:3000/api/', but it still sends requests to http://localhost:3000/auth/session/refresh is there a way to fix it?

Hey @KitsuneKenshi the apiDomain should not have the path. Instead, set the apiBasePath to “/api/auth” on the frontend and backend.

oh alr

didn't notice that in options, my bad

No worries 🙂

So I started reading the docs and I noticed I cant change the

websiteDomain

in supertokens-website sdk?

Doesnt seem to be available in the reference either https://supertokens.io/docs/website/modules.html

The supertokens-website SDK doesn’t show any login UI. So there is no need for that value for that SDK

Hi guys, Im new here to supertokens

👋. Welcome!

Could some one help me with integrating with sveltekit (SSR version)

Hi rp

or any article on next.js, that also works for me

We have NextJS integration

What kind of auth do you want?

For example, email password with social login?

Or something else?