Hey, i have a auth web set up with react and i want to redirect upon successful sign in to a different url (my app) The auth web and the app web are in the same subdomain so i have like for example https://auth.my.subdomain.com and https://app.my.subdomain.com I tried using getRedirectionURL

getRedirectionURL: async (context) => {
                if (context.action === "SUCCESS") {
                    let redirectUrl = context.redirectToPath

                    if (redirectUrl !== undefined) {
                        console.log("yoo redirected path");
                        console.log(redirectUrl)
                        // we are navigating back to where the user was before they authenticated
                        return redirectUrl
                    }
                }
                return undefined;
            },

I call the sign in with redirectToPath in the url like so https://auth.my.subdomain.com/auth?redirectToPath=https://www.app.my.subdomain.com and i get that the context.redirectToPath is empty and it just redirects me to the home page of my auth web instead to my web app. When i tried setting the web app url hardcoded in the return of getRedirectionURL it works like a charm and redirected me to the web app. Any idea if this is possible? or only paths are allowed to be redirected to? (Thanks for the help so far you have given me)

Hi, is supertokens HIPPA compliant? We are looking at several companies and Auth0 i/ Microsoft are the only ones that seem to provide a Business Associate Agreement and PCI compliant environments.

Hi, I am trying to integrate Supertokens with echo-labstack. I followed this example https://github.com/supertokens/supertokens-golang/blob/master/examples/with-labstack-echo/main.go. Echo advocates to return errors from your Handlers, which will then be handled by their HTTP Error Handler (which you can customize). This works fine until I introduce the session.VerifySession in my middleware, as per the example (wrap it to turn it into a echo.MiddlewareFunc). As soon as I use this middleware on my routes, they always return

200

(empty body), no matter how may errors I return from my handlers. As soon as I remove the session.VerifySession echo'fied middleware, I get the actual errors. It seems as if the session.VerifySession middleware is swallowing the echo error and just returning a

200

instead. Anybody any idea what could be causing this?

Hi, I am stuggling to find how to refresh the session using the header transfer method , by manually doing XHR Requests to the /auth/ endpoints. It seems the that refreshed token is sent using cookies instead of response headers. Currently I am trying with the following POST: What am I doing wrong?

api.post('/auth/session/refresh', 
           null,
           {
             headers: {
               Rid: "session",
               Authorization: "Bearer "+ refreshToken,
               "St-Auth-mode": "header", 
            }
          });

Hello, we are pretty new to SuperTokens and I am exploring its capabilities. We are trying to implement 2 ways of communication with SuperTokens. 1. Our frontend to our backend. (Should be fine) 2. Third party to our backend. Right now, I am trying to implement the 2nd one, I tried to use the emailpassword way to do it to test. Basically I created a signin function to send post request with the email and password to the Middleware, get the response and set up the cookies (access, front and refresh token), same for signout and signup. The problem I am having is that whenever the access token expired (refresh token is still alive), it won't generate new access token (even though I sent a request to the /auth/session/refresh). Another question is there a suggested way to implement third party to our backend communication authentication with SuperTokens?

Are there any known service problems right now? Authentication on our website has started throwing 500 and 405 errors. Can't figure out why.

Getting this error:

TypeError: this.response.status is not a function

, used to work fine but now this.

Hi, I'm experiencing a problem with the get_user_by_id method from supertokens_python.recipe.thirdparty.syncio. When I access this API route, I get the error message "Initialisation not done. Did you forget to call Supertokens.init". But the rest of the app is working fine (also with login/ logout etc., acccessing the session). Is there something I need to change for the API view?

@method_decorator(verify_session(), name='dispatch')
class UserIsThirdParty(APIView):

    def get(self, request: HttpRequest):
        session: SessionContainer = request.supertokens

        user_id = session.get_user_id()

        user = get_user_by_id(user_id)
        ...

I am running supertoken using self-hosted core. I want to run both my auth server (nestjs) and auth core using docker-compose. The issue is I am not able to pass the connectionURI of the core to the server. my authcore service is named -

authCore

so I tried passing

authCore:3567

but this doesn't work I see following error -

Error: Please provide a valid domain name
    at normaliseURLDomainOrThrowError (/app/node_modules/supertokens-node/lib/build/normalisedURLDo

    at new NormalisedURLDomain (/app/node_modules/supertokens-node/lib/build/normalisedURLDomain.js

    at /app/node_modules/supertokens-node/lib/build/supertokens.js:350:39
    at Array.map (<anonymous>)
    at new SuperTokens (/app/node_modules/supertokens-node/lib/build/supertokens.js:348:24)
    at Function.init (/app/node_modules/supertokens-node/lib/build/supertokens.js:372:36)
    at new SupertokensService (/app/src/auth/supertokens/supertokens.service.ts:15:17)
    at Injector.instantiateClass (/app/node_modules/@nestjs/core/injector/injector.js:358:19)
    at callback (/app/node_modules/@nestjs/core/injector/injector.js:59:45)
    at Injector.resolveConstructorParams (/app/node_modules/@nestjs/core/injector/injector.js:139:2

I just started getting these error messages:

No instance of EmailPassword found.