Can I migrate from AWS cognito to Supertokens without any user level downtime? Is there any guide to refer to? Also, for node implementation can I make it work on es5? Or do I need es6 only?

Hi, I just wanted to know about how we can integrate supertokens with SAML. For eg. We are providing Google provider for third party auth. So if we want to provide our app as a custom application in Google workspace SSO. How will I be able to configure it with supertokens third party auth. Even if I get a minimum information from your side , it would be really helpful.

I'm having some trouble routing the user from the signup form to the

passwordless

phone number input after sign up. I'm overriding emailpassword's

signUpPOST

function by calling: -

signUp

(/recipe/emailpassword) -

createNewSession

(/recipe/session)

signUpPOST: async function (input) {
    let signup = await signUp(
        email,
        password,
        input.userContext
    );

    if (signup.status === 'OK') {
        // Create database user
        ...

        // Create session
        return createNewSession(
            input.options.res,
            signup.user.id,
            undefined,
            undefined,
            input.userContext
        );
    }
}

I'm unsure if the

input

variables I'm passing here are correct, or if there is another recipe function I should be calling. The session and user seem to be created properly, but the frontend requires a manual refresh in order to reach the

passwordless

Second factor auth (phone number input page). Without a manual refresh, the frontend says to sign in instead since the email is already in use.

Hey guys, awesome project, love it I 've been debugging this for a few hours. What could be the reason that I don't have

sRefreshToken

cookie. What would be useful information I can provide?

Any reason why CORS would fail with

Access to fetch at 'http://localhost:3000/v1/auth/signin' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

cors:

app.enableCors({
    origin: "http://localhost:4200",
    allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
    credentials: true,
  });

backend config:

{
  config: {
    appInfo: {
      appName: 'app',
      apiDomain: 'http://localhost:3000',
      websiteDomain: 'http://localhost:4200',
      apiBasePath: '/v1/auth',
      websiteBasePath: '/auth'
    },
    connectionURI: 'http://auth:3567',
    apiKey: 'supersecret'
  }
}

frontend config:

apiBasePath: "/v1/auth"
apiDomain: "http://localhost:3000"
appName: "app"
websiteBasePath: "/auth"
websiteDomain: "http://localhost:4200"

EDIT: using nestjs

Hey, I'm trying to setup Apollo graphql + Nest.js by following the guide, and I manage to get the session info on a controller using the Auth guard and Session param decorator (from the guide) but not on a resolver. I tried (with inspiration from the graphql integration guide) to use a CanActivate guard and access the session with

GqlExecutionContext.create(context)

and also tried injecting the session param to the resolver with

export const User = createParamDecorator(
  (data: unknown, ctx: ExecutionContext) => {
    const x = GqlExecutionContext.create(ctx);
    const context = x.getContext();
    return context.session;
  },
);

with no success and couldn't find any code example that combines graphql + nest

how mongodb schema looks like with supertokens?

For some reason I can't call

/auth/signout

. Getting unauthorized errors. How exactly does that happen? 🤔

My session keeps expiring I tried adding the frontend SDK to all of my pages but it doesn't seem to work

i want to use supertokens_python with websockets in fastapi. is there a verify_session that works for a websocket route?