no, only

401 unauthorized

A sample refresh API call looks like this:

curl 'https://localhost:3000/auth/session/refresh' \
  -X 'POST' \
  -H 'rid: session' \
  -H 'Cookie: sRefreshToken=ATa8vaSYm3PvteMeAnAuAE3a8tV0WlQDArCkhVmnkVIPthrHsdDpymIEssv%2BKXn5OSABMc%2Fw5zofn9Q%2BjKEs53rSf5A%2Bobxr7%2BBqTR9qOQO%2Bu8f7IozxMuY1KfwDiMKYOZRYjOW7BT5RE9E1kuOvcigqog5hNvyp1mYqF9VgO4Oho1mhX0s%2BjL5RV7ZdLN3RKqVrZQVm35Cy%2FqUvG7e7zhtMYX5AMSecA8OnZ7X%2By4VVnf7opkmy4L5UiWgmvUuVGZJ0OJwYRSCYpKyzYhso1LVFiTA6hXeStghiXaDMsNtgnXqktbk8JXnD4npOe3dVm3hlBZvOd0ol7beCoNvDaKFEgCEemZjBCL8BdsMtQ%2BYL2OOsiySBua57gumIhXIOp2AKb7tBIo15vqgB.02eddfb35c1e47b62defad9fd2a0517ece5b8e744df214916eb534cf289e0306.V2; sIdRefreshToken=0db5d679-7a7f-4d06-9cec-f3778aa0b2f7'

Also, are you trying to refresh the session in the backend?

or from the frontend?

I'm trying to do it at SSR, so its neither frontend or backend

at frontend refreshing works perfectly

So you want to do a refresh only from the frontend, and never from the web server

If you see that the access token has expired during SSR, you should send a "loading" screen to the frontend

which will manually refresh the session, and then reload the page

ANd you can manually refresh the session on the frontend via

await Session.attemptRefreshingSession()

See nextJS SSR guide for reference: https://supertokens.io/docs/thirdpartyemailpassword/nextjs/session-verification/in-ssr (if this helps..)

hm, yes, but at the moment I don't know how to do it properly... on NUXT, (not next) the asyncData push me immediatelly at error page if something goes wrong at ssr :/

Yea i know Nuxt. haha... but since we don't have a guide for that, I sent you next's ssr guide 😅

How do you do session verification during SSR?

im passing the header with cookies to backend and its doing a verification

are you using

verifySession

function in the backend?

yes

So you should instead use

getSession

like shown in the nExt JS guide like above

and catch try referesh token errors and send the loading page as a reply

which should then manually refresh the session and reload the page -> this time the new access token will be sent and your backend SSR will succeed.

ok, will try to do it, thank you for your time, will write if I'll have more questions

Sure! I'll be happy to help 🙂

have a nice christmas 🙂

to you too! :))

I need help understanding my express server not registering API's i.e. signup & sign in etc Cannot POST /auth/signup

Did you follow the backend quick setup guide?

yeah

Which recipe are you using?

email & password login