Hi. I have implemented custom UI but standard flow password reset solution. Everything seems to be working except for the last part, where I call function submitNewPassword({ formFields: [ { id: 'password', value: newPassword } ] }). it gives me this error "Error: No instance of EmailPassword found. Make sure to call the EmailPassword.init method." Can enyone help me with this issue?

Hi, for some reason some of the node typescript definitions doesn't work for me. Here is a small repro showing how I experience the middleware and errorHandler properties not being linked properly https://stackblitz.com/edit/typescript-qopxcd?file=index.ts

Hi, is it possible to verify session in nextjs global middleware?

Hey, there is a way to append ST tables to existing database? I used prisma ORM and im not sure how can i update my migration to append ST tables

hey all! Quick question: I'm running the example docker compose file found here (https://supertokens.com/docs/thirdparty/pre-built-ui/setup/core/with-docker) and I'm running into an error where SuperTokens crashes on startup because it cannot connect to the db, only because the db looks like it hasn't finished starting yet. Any ideas?

Hi, im 20 minutes old to Super Token. Important question for me is - how do I implement consent (u know - opt to agree to being contacted stuff). I started on Auth0, seems need to pay $$$ for consent management plugins to get this startup basic job done. Pointers please?

Db connection issue

Consent screen

I want to use supertokens with a Java app - is there a convenient way to go about that?

I can host a seperate node/python/go app if needed on another domain, but im not sure that solves all my problems

the backend api would be supporting a react native app (so token auth)

related question - the readme for supertokens-react-native just links to the here https://supertokens.com/docs/guides but i dont see any react native docs

Hi! The Dashboard is pretty cool, but I have a question about how it is intended to be used. It is served by the backend, and the backend is protected by CORS. It looks like the Dashboard is intended to be accessed directly via the browser, and not through an API call. However, if I access directly from my browser, then no origin is provided with the request, which means that it gets rejected by CORS. I tested by disabling CORS, and can access the Dashboard as expected. I'm not sure how to resolve this issue because I can't seem to find a way to disable CORS just for that single route (unless I am misunderstanding how the configuration works). Here is my CORS config, **which is general to all routes due to the use of `app.use(middleware())`**:

SuperTokens.init(SuperTokensInitConfig);
admin.initializeApp();

const app = express();

const whitelist: string[] = [
  websiteDomain,
  'http://localhost:4201',
  'http://localhost:4202',
  'http://localhost:4203',
  ... etc.
];

app.use(cors({
  origin: function(origin, callback) {
    if (origin && whitelist.indexOf(origin) !== -1) {
      callback(null, true);
    } else {
      callback(new Error(`Origin ${origin} not permitted due to CORS policy`));
    }
  },
  allowedHeaders: ['content-type', ...SuperTokens.getAllCORSHeaders()],
  credentials: true,
}));

app.use(middleware());
app.use(errorHandler());

export default app;

Cors issue in dashboard

Using with Java

React native setup

Gday folks, trying to investigate a multitenant implementation with NextJS. The idea is to provide each customer a subdomain, eg; e297d6a3-9e0e-4b9b-a658-05acd3caf539.website.com Which can later be changed to a.website.com if the user would like. I'd like to support the concept that registered users may be a part of more than one subdomain. For example: a.website.com and b.website.com So if the user accesses a.website.com/auth, it allows them to login if they were added by an administrator to the backend. Similarly, if they tried to access b.website.com/auth, it'd allow them to login. However if they tried to login to c.website.com, a website they're not a part of, it would not let them in. I took a look at the examples you have on Github but this part kind of ruled it out unless I am misunderstanding:

the subdomain for each user is extracted from their email provider, ex. for user@abc.com, abc would be the subdomain.

As in this case, they may be using example@gmail.com, which would have access to a.website.com and b.website.com, instead of gmail.website.com

Hi, I try to get auth url for github provider using

getAuthorisationURLWithQueryParamsAndSetState

and pass down the

authorisationURL

param. But the response url did not include the

authorisationURL

I passed, and I did not have a pre-set

authorisationURL

in my backend. Anyone knows why?

Social login auth url issue

Hi! I just came across an edge case. I'm not sure if I should just ignore it, or deal with it, but I get the sense that I should deal with it. I have not used my app for a while, as I have had other concerns the past several weeks. Now as I open my app, SuperTokens is detecting that there is an active session, so my

versionSession()

returns true, with a user ID. However, that User does not exist. It must have been deleted. So the problem seems to be: when a User gets deleted on the backend, if the user still has a cookie, the app can get "stuck" or go into an erroneous state. The obvious workaround is to just delete the cookie. I can do that because I understand enough about how this works. My users would never understand, and they would be very confused, and telling them to delete their cookie is not a great option. I can't imagine how a user would get into this state, but now I know that this is a possible state, and therefore I think I need to deal with it. Note that now that you are offering a User Dashboard, this type of case is more likely to occur! Do you have any advice?

Session behaviour ob deleted user

Sorry, I'm probably just not seeing this in the docs... but when using a social login (for example Google), how can I get the user's name (or other data) as provided by Google?

Hi! I'm trying to test the Passwordless (SuperTokens 4.2) recipe on Postman, but I get a 400 response: "Please provide exactly one of email or phoneNumber". I've followed the example on https://supertokens.com/docs/passwordless/testing/testing-with-postman. What could I be doing wrong?

When override

signInUpPOST

on backend for github oauth, is it possible to get the user info (like github avatar url) from response of

originalImplementation.signInUpPOST

?

When my backend returns an error 500, my entire frontend goes down because Supertoken ask me to wrap the entire app in SuperTokensWrapper which doesn't see to handle errors properly... How can I avoid that?

Is it possible to authenticate sessions using NextJS Server Side without having to import supertokens-node in getServerSideProps?

How can i add prismaService to this initFunction, i try to add this service to constructor, but this solution not working :/

Hey, can i get user email on the client side, withouth having to call an api on the server.

Auth without getSession

Using this in js