> - Are you using our supertokens-auth-react package on the frontend or supertokens-website? We are planning to but haven't explored it yet. > - After logging in, would those users be redirected to a different sub domain or stay within their own sub domain? Would stay within their own subdomain

Alright. So you would need to do the following: - On the frontend, you would have to set the

websiteDomain

to whatever the current sub domain is. This would restrict the session to work only within that sub domain. - On the backend, you can set the

websiteDomain

value to your top level domain, but you would have to define the

GetResetPasswordURL

(https://pkg.go.dev/github.com/supertokens/supertokens-golang@v0.3.0/recipe/emailpassword/epmodels#TypeInputResetPasswordUsingTokenFeature) and

GetEmailVerificationURL

(https://pkg.go.dev/github.com/supertokens/supertokens-golang@v0.3.0/recipe/emailpassword/epmodels#TypeInputEmailVerificationFeature) functions to return the right sub domain URL depending on who is trying to reset their password or verify their email (a regular user or a brand)

These changes should be enough to get your use case to work!

Thanks @User The backend changes looks hacky though.

Yeaa. That’s cause we don’t have full multi tenancy support yet.

Yeah I personally would also love to see multi tenancy support 👍

It’s on our road map. Should be in a few months

Thanks! That's great.

a small nitpick but I've been wondering why this happens I use the image

supertokens/supertokens-postgresql:3.6

with docker-compose that

depends_on

a

db

service defined in the

docker-compose.yml

now I normally run my containers in detached mode (

docker-compose up -d

) so that whenever I turn off my pc, they just run again automatically in the background when I turn the pc back on however, the supertokens container doesn't auto-start for some reason and I'm not quite sure how to debug this, I can reproduce it by just doing: 1.

docker-compose up -d

on the project that uses supertokens 2. check running containers

docker ps

3. restart docker desktop 4. check running containers again

docker ps

5. everything else started again except for the supertokens image any idea why that'd happen?

Hmmm. Strange. Can you try and do this without making it dependent on the db?

Cause the container will wait for a db to be available and won’t keep restarting

let me try

@User nope, still gone

Interesting.. can you please open an issue about this in the supertokens-core repo highlighting the steps to reproduce?

sure

Thanks

here https://github.com/supertokens/supertokens-core/issues/346

Thanks!

I have to add signup/signin with google in the nextjs based web app. I have my own UI for login and backend is using managed service. I think I need to use

/signinup

endpoint of this(https://app.swaggerhub.com/apis/supertokens/FDI/1.10.3#/ThirdPartyEmailPassword%20Recipe). Can someone pls explain what is

redirectURI, code, clientId and authCodeResponse

in the request body?

Yea, sure: -

redirectURI

is the full URL (domain + path) that is registered on google as your app's callback URL. -

code

is the code query param that is sent from google to your app after google redirects the user to the callback URL -

clientId

and

authCodeResponse

can be ignored since they are used for an OAuth flow for mobile apps.

So you would need to send:

{
  redirectURI: "...",
  code: "..", // sent by google as a query param 
  thirdPartyId: "google"
}

Thank you for the quick reply👍 . I will try and check.

Hey! Is there a testing strategy with hapi server injection (I am testing scope of user for different routes) and supertokens? I am using sessionManagement. Do I have to copy sAccessToken, sRefreshToken, sIdRefreshToken from

const res = await server.inject({
      method: 'POST',
      url: '/login',
      payload: loginData,
    });

or there is a way to do it with sessionManagement on each injection?

Yea. You will have to copy the sAccessToken and sIdRefreshToken

There isn’t anything for testing unfortunately.

You could make an issue about it, and we will have a look soon

Thanks!

Hey - just beginning to integrate supertokens into my vue.js app, and having some confusion about how to use the supertokens-website SDK properly. I was able to find the SDK reference, but it lacks details / context / examples about it's contents, and how to use it. Is there some recipe for non-react custom implementations that can help guide me? Also, I've integrated the supertokens-node express setup according to the react recipe demo, so I assume the supertokens-website SDK will communicate with the supertokens-node module on my backend automatically by hitting routes that are registered by the ST express middleware? Thanks in advance. Would be awesome to see a recipe on the site for supertokens-website vanilla implementations. Edit: scheduled call through website since there are additional, deeper questions I have 🙂

> I was able to find the SDK reference, but it lacks details / context / examples about it's contents, and how to use it. Is there some recipe for non-react custom implementations that can help guide me? Yea. So the supertokens-website SDK only providers session management related functions. The guides for that can be found here: https://supertokens.io/docs/session/quick-setup/frontend (Plain JavaScript section) For login functionality, you will have to build your own UI, and call the APIs exposed by our backend SDK using

fetch

/

axios

. The API spec is here: https://app.swaggerhub.com/apis/supertokens/FDI > so I assume the supertokens-website SDK will communicate with the supertokens-node module on my backend automatically by hitting routes that are registered by the ST express middleware? Yes. But since supertokens-website is for sessions only, it will only hit the session recipe's routes. > Would be awesome to see a recipe on the site for supertokens-website vanilla implementations. Coming soon!!

Where can I find the signing secret that supertokens core uses so I can use it in my API to verify JWTs sent to it? I am using postgREST, and it supports using an external services JWTs but it needs to have the signing secret.