Hi everyone. We're currently reviewing Supertokens and Auth0 for our use case but I am not sure if Supertokens can satisfy our needs so I thought to ask here. We're building an integration platform e.g. like Zapier. For example, our user wants to connect (aka authenticate) their typeform and slack accounts with us so that they can send a slack message whenever a typeform receives a new submission. We need to authenticate those services and store the access_tokens securely so that we can make API requests on behalf of our users. Is that something that Supertokens can help us with? More specifically, can I add as many OAuth IdP as we want + securely store access/refresh tokens? Thanks

HI everyone, I am new to supertoken and docker, I am trying to follow this instruction to host the core with docker - https://supertokens.com/docs/emailpassword/quick-setup/database-setup/mysql I have a mysql server running at port 3306 and my ip address is 192.168.1.207, I run the docker command with my env variables, and I got an error saying that "Socket fail to connect to host:192.168.1.207, port:3306. Connection refused". What is wrong here? Thank for your help~

hi, when i create a user , the primary user flag is getting set as false , but i need it to bet set as true by default to enable account linking from different social logins

Once client Application send token (generated by SuperToken) to backend API, how backend API will validate the token

Hey there, I've a question. is there a way to enforce user re-login remotely?

Hi! Can we create users without setting a password for them with the emailpassword recipe? And expect them to create their password after email verification?

Hello folks, We are building an open-source platform (http://github.com/agenta-ai/agenta) where we want to include features for authentication. Each of our users hosts our platform in their own instances. We were thinking of using supertokens for authentication. One idea we had is to have one central supertokens core instance hosted by us that is shared by all users of our platform (meaning each user hosts their own instance of agenta, and their agenta backend calls supertokens core hosted by us). This would allow us to measure the real number of our users. Now, the challenge is that means that the supertokens core that we host will be openly available to all the internet without API keys. The question is: what security risks does this present? I understood that the supertokens core provides an endpoint for session creation. However, the backend itself is the one that verifies this session internally. So, if my understanding is correct, even if some attacker used supertokens core to create a session, they won't be able to user this session token in a users backend. Is this correct?

Is it a bug, when the user metadata in the dashboard is empty, but it is in the db. Or just not implemented yet because of beta

I am getting this 500 internal server error - custom ui, nestjs backend

Is is possible for Frontend(Next js) to get the user meta data ?