Hi Team, We are getting a KeyError 'access_token' on our Flask backend when fetching profile info via Google: supertokens_python/recipe/thirdparty/providers/google.py in get_profile_info at line 58 We think it is likely that the signup API is being called twice and returning a 500 response from Google the second time, which means that the auth_code_response does not have the 'access_token' key, and instead returns the following error: { error: 'invalid_grant', error_description: 'Bad Request' } We have looked at this thread https://discord.com/channels/603466164219281420/1113510798736752692 and its related GH issue (https://github.com/supertokens/supertokens-auth-react/issues/707) but haven't been able to come up with a solution. We also cannot reliably reproduce this error. Could we get some support / should the API be catching this to avoid the KeyError? Thank you in advance!

Getting this error on Google login success. Though login is happening fine.

Error: No access, refresh token, API key or refresh handler callback is set.
    at OAuth2Client.getRequestMetadataAsync (/Users/hitesh/dev/jwt_supertokens_hasura/node_modules/google-auth-library/build/src/auth/oauth2client.js:272:19)
    at OAuth2Client.requestAsync (/Users/hitesh/dev/jwt_supertokens_hasura/node_modules/google-auth-library/build/src/auth/oauth2client.js:371:34)
    at OAuth2Client.request (/Users/hitesh/dev/jwt_supertokens_hasura/node_modules/google-auth-library/build/src/auth/oauth2client.js:365:25)
    at createAPIRequestAsync (/Users/hitesh/dev/jwt_supertokens_hasura/node_modules/googleapis-common/build/src/apirequest.js:273:31)
    at createAPIRequest (/Users/hitesh/dev/jwt_supertokens_hasura/node_modules/googleapis-common/build/src/apirequest.js:49:9)
    at Resource$Userinfo.get (/Users/hitesh/dev/jwt_supertokens_hasura/node_modules/googleapis/build/src/apis/oauth2/v2.js:104:58)
    at Object.<anonymous> (/Users/hitesh/dev/jwt_supertokens_hasura/dist/supertokens_config.js:117:57)
    at Generator.next (<anonymous>)
    at fulfilled (/Users/hitesh/dev/jwt_supertokens_hasura/dist/supertokens_config.js:5:58)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

Any suggestions?

Hello, I just integrate supertokens in my django app (backend). I well received tokens on my frontend (simulated with Insomnia). Next step is to integrate supertokens authentication on django authentication backend. Do you have some documentation about that?

Hey guys, I am getting the error:

jwt issued in future

. Now I have recently moved to another timezone, so that might be it. It only happens locally on my Hasura instance. Hence, I wondered, is there some kind of

allowed_skew

property that Supertokens has? Thanks!

Hey guys, I have CSRF related question. We are using passwordless auth on our Python Django backend (we use Django Rest Framework). From Django CSRF settings I have configured the following:

python
CSRF_TRUSTED_ORIGINS=[domain_names]
CSRF_COOKIE_SECURE = True

The issue we are getting is that POST requests we are getting this response:

json
{
    "detail": "CSRF Failed: CSRF token missing."
}

Hi, is it possible to run supertokens-core with sqlite database? I found this message from before: https://discord.com/channels/603466164219281420/1067986309248995430/1068195011298082876 but there is no direct answer (or probably I don't understand something). In dockerhub I found only recent images for mysql, postgresql and mongo. Docs also doesn't describe how to run with sqlite. My usecase is: I'm creating small app for ~500 users and app is using sqlite as its main datastore, because traffic is so small that it is sufficient. I would like to avoid running postgresql server only for supertokens. Instead of that I would like to use sqlite. I found this in google https://supertokens.com/docs/community/configuration/database/sqlite but this options are not mentioned here https://supertokens.com/docs/community/configuration/core so I'm not sure where I should put this configuration. Is there some additional documentation I missed? 🙂

Hi guys, I changed my supertoken cookies (e.g. sFrontToken) to see how supertokens deals with it :-). I get now a  "Failed to execute 'atob' on 'Window'" exception, which is fine as the token is for sure corrupt. How can I programmatically resolve this situation? Calling e.g. Session.signOut() isn't callable as it will also throw the "Failed to execute 'atob' on 'Window'" exception. Any clue? Maybe I miss some callable function within the frontend which can force the deletion of all supertoken cookies. Thanks!

Has anyone used supertokens with Vue and SpringBoot?

Hi, I'm using multi tenants and wanted to share the session accros sub domains. So i referred here; https://supertokens.com/docs/emailpassword/common-customizations/sessions/share-sessions-across-sub-domains But the example there uses the prebuilt UI (

supertokens-auth-react

), and i'm using my custom UI (

supertokens-web-js

) How can i accomplish sharing session across domains with the custom UI? Thank you

I've got a super weird problem trying to implement Supertokens in a NextJS app for the first time. Using a NestJS backend and everything appears to be configured properly but when I try to sign up with Nest it hits my NestJS backend and then returns a 404. If I hit the exact same URL from the failed network request using CURL it works just fine eg:

http://localhost:3000/api/auth/signup/email/exists?email={email}

returns the expected result. If I visit the email exists URL directly in the browser it also prints the expected JSON. For some reason though the fetch that's getting triggered from the Next app always returns 404 🤔 Its not a CORS error... just a 404 as if the endpoint doesn't exist. I can log and see it hitting the supertokens middleware in all cases