I am Building a School management web app. My question is - Can i use one supertoken core for following things 1. Managing Normal User Login (already using third-party password less login) 2. Staff Role Based Login eg. Teachers, Developers, Support team etc. 3. Student login If yes can anyone share docs for the same.

Hey guys, which functions would i have to mock out (via jest) to write an integration test for a user signing in -> to unverified email. I use the SessionAuth component, so some pointers would be great. (This component seems to be the one handling the redirection, but unsure of which functions to mock out from super tokens to make the component believe i'm an unverified logged in user)

Hey everyone. Is there a page in documentation explaining how exactly ST uses those

front-token

and

access-token

, which it returns in the header after sign-in ? Not quite sure what this

front-token

is for. Thanks.

@rp_st hello, I was using the supertoken 3.14 version it was working fine then switched to latest version it broke down and i am getting this error recently org.postgresql.util.PSQLException: ERROR: column "use_static_key" of relation "session_info" does not exist

Hello, I couldn't figure this issue or seen it mentioned anywhere. I'm using ST with docker and want to change the default session token validity duration. I've set the env variables to these example values:

REFRESH_TOKEN_VALIDITY: 1200

ACCESS_TOKEN_VALIDITY: 600

It seems like these values are in minutes (and not seconds), because the session is revoked (refresh token is invalidated) after 1200 minutes (20h) However, when trying to manually create or refresh a session by manually calling the ST core (

/recipe/session

or

/recipe/session/refresh

endpoints), the generated tokens validity times are in seconds. (refresh token is invalidated invalidated after 1200 seconds) Is this a bug? Or am I missing something?

Hi @rp_st , I have a problem with getting 502 error for POST /session/refresh, so i want to resolve this problem, can you help me?

Hey guys, I have CSRF related question. We are using passwordless auth on our Python Django backend (we use Django Rest Framework). From Django CSRF settings I have configured the following:

python
CSRF_TRUSTED_ORIGINS=[domain_names]
CSRF_COOKIE_SECURE = True

The issue we are getting is that POST requests we are getting this response:

json
{
    "detail": "CSRF Failed: CSRF token missing."
}

HI everyone, I am new to supertoken and docker, I am trying to follow this instruction to host the core with docker - https://supertokens.com/docs/emailpassword/quick-setup/database-setup/mysql I have a mysql server running at port 3306 and my ip address is 192.168.1.207, I run the docker command with my env variables, and I got an error saying that "Socket fail to connect to host:192.168.1.207, port:3306. Connection refused". What is wrong here? Thank for your help~

hi there, I have an issue with my tenant...not sure what might cause it: Error: SuperTokens core threw an error for a POST request to path: '/692da2df-dca9-48aa-8556-9be2a082fa7f/recipe/user/password/reset/token/consume' with status code: 400 and message: AppId or tenantId not found => Tenant with the following connectionURIDomain, appId and tenantId combination not found: the error only happens when trying to reset a users password, all other auth functions seem to work

I'm running a Supertokens managed instance in production (on my Flask Python backend, which is hosted on Google Cloudrun). Since it's inconvenient to access the dashboard URL through cloudrun, I found I can run my backend locally (with production flags set) and then access the production dashboard at http://localhost:8000/auth/dashboard Is this recommended / might this interfere with the instance running on prod? (e.g. if limited connections to the Supertokens instance is permitted at once)