How is the sIdRefreshToken used? Is it essential? Docs don’t give much detail

Hi, I am using FastAPI with supertokens. And would like to store users in my own DB. I am using Email passwordless social recipe and would like to capture the event when the user signs in so that I can check if I have the corresponding user in my database and if not create one. Can anyone point me to the relevant docs please. Thanks.

Hi, I want to appned a redirect Url in the magicLink based on the url from which user has come for authentication , so how can i get that extra parameter from the frontend so that i can alter the magicLink. we are using both FE and BE supertoken sdk. For appending url in the magic link i will be using the sendRawEmail function and override it, but url that is to be appended is not fix, it should depend on some value that will be coming from frontend. so how can i pass from frontend and get at backend. I am using THIRDPARTY_PASSWORDLESS

Just wanted to confirm somthing. I see supertokens has CSRF built in by default. I personally use this with my Next.JS (app dir) application and external Express.JS API. Both share the same connection uri. I am essentially then allowing users to configure stuff on a dashboard (via the Next.JS application), which typically calls the built in Next.JS API, which then may call my external API. Basically, I am wondering if my external Express.JS API would also be protected from CSRF attacks by default, assuming configs are correct.

ERROR [ExceptionsHandler] Received response with status 401 and body

How can I get the user email from its session on a backend? E.g. the email that the user used for either passwordless, login/password or social login.

Hii everyone, I have three apps running on https, and self hosted supertokens core that too running on https api.example.com example.com app.example.com I can login to example.com, it works. But when I go to app.example.com, I can see the cookies being attached to the http req, but api.example.com throws unauthorised. I have no idea what to do now. This is what I see on app.example.com

is there somewhere that explains what an MAU is? Does MAU mean total users signed up? If it is monthy active users, then does that mean if user

Bob

logs in three times that counts as 1 MAU?

Hi i got this error. Which package should i install

Hi, I notice that super tokens for reset password is returning an email link with the same query parameters twice: {domain}?token=...&rid=....token=....&rid=.... I thought it was my mistake with me overriding the email template, but it actually happens with the normal default template as well