Once client Application send token (generated by SuperToken) to backend API, how backend API will validate the token

Hey @rp_st for older version of supertoken node - 12.x.x , do we have multitenancy as the recipe ? const Multitenancy = require("supertokens-node/recipe/multitenancy"); I couldn't find this file. Its throwing an error.

Hi! Can we create users without setting a password for them with the emailpassword recipe? And expect them to create their password after email verification?

Hello folks, We are building an open-source platform (http://github.com/agenta-ai/agenta) where we want to include features for authentication. Each of our users hosts our platform in their own instances. We were thinking of using supertokens for authentication. One idea we had is to have one central supertokens core instance hosted by us that is shared by all users of our platform (meaning each user hosts their own instance of agenta, and their agenta backend calls supertokens core hosted by us). This would allow us to measure the real number of our users. Now, the challenge is that means that the supertokens core that we host will be openly available to all the internet without API keys. The question is: what security risks does this present? I understood that the supertokens core provides an endpoint for session creation. However, the backend itself is the one that verifies this session internally. So, if my understanding is correct, even if some attacker used supertokens core to create a session, they won't be able to user this session token in a users backend. Is this correct?

Hi, i'm having an issue in flutter while migrating sessions from firebase auth, the migration works fine, the new session cookie is set, but when navigating to the next page and making an API call,

SuperTokens.getAccessToken()

returns null. Any ideas on why the session would be lost ?

/email/exists endpoint fails for social media accounts. it seems that it only works for email account. any ideas how to impprove (override) it to support social accounts as well?

Hey everyone. I'm trying to connect a Unity (game engine) client app with SuperTokens. Is there any documentation, examples or quick start guides on how to use C# on the frontend to authenticate with SuperTokens ?

Getting invalid api when curling to create a dashboard user with supertokens server -> curl --location --request POST 'Server link' \ --header 'rid: dashboard' \ --header 'api-key: ' \ --header 'Content-Type: application/json' \ --data-raw '{"email": "","password": ""}'

hi, is it expected that using Supertokens with next.js disables static optimization entirely? Our entire app is protected, so we get this error in the Vercel logs:

Warning: You have opted-out of Automatic Static Optimization due to `getInitialProps` in `pages/_app`. This does not opt-out pages with `getStaticProps`

This causes some strange downstream issues for us, because now everything in our client needs to get rendered via serverless functions

thirdPartySignInAndUp

gives me the following error. CORS configuration should be good as it works fine for normal sign in/up with credentials. Any ideas?