Hey guys, what is the reason that Apple has a redirect to

/api/auth/callback/apple

and the others to

/auth/callback/google

for example? (notice the

/api

)

Hey I have a issue with my capacitor ios app again. Here is the debug log from the phone. It logs in normally and cannot hold session somehow. Any ideas?

This may be a bit of a basic question, but in some cases the supertokens instance is not found even though I initialize Supertokens as the first thing in the app. Now I am trying to get the user count in a request handler, and it is saying that Supertokens is not initialized :/

await supertokens.getUserCount()

Is there an easy way to implement guest accounts? Ie generate a token without signup and then convert to a signed up user later?

Hi team I'm running into a new CORS error we haven't had in the past. The CORS configuration is now blocking requests between our api (express) and client (react) with the error message: "Access to fetch at 'https://vms-api.macleanengineering.com/auth/signin' from origin 'https://vms.macleanengineering.com/' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled." We've set out cors configuration according to the user/password user guide so I'm starting here. Here's our current cours config: app.use(cors( { origin: ['https://vms.macleanengineering.com/'], allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()], credentials: true, } ));

Is there any chance a function could be added that returns the session found on the server instead of (or in addition to) adding it to the

request

object? (Talking about

Node.js

here.) I'm playing around with

Svelte Kit

. And it seems like they don't give us access to any data tacked onto the request object. I'm trying to figure out if there's a more functional way to get the session instead. 🤔

What is the difference between overriding an api vs overriding a function? For example consumeCode as a function vs consumeCodePost as an api? What are the intended use cases for each option?

I am developing chrome extension using supertokens I am validating user logged in or not using aAccessToken which are in website cookies but when I get the 401 then I am trying using sRefreshToken but I am getting 401 for that as well although it is valid.How can I solve? This is the curl curl 'https://test-api.paperguide.ai/auth/session/refresh' \ -X 'POST' \ -H 'accept: application/json, text/plain, */*' \ -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \ -H 'authorization: Bearer "c/qMoWsRTj8kLHaXFXpgaI3qdxjTRZFzKm3vE5csc98g4935GpyG11ypg0P8m6UreXv7p0s5nZuaZj8RD2AxnkoI7H6kxuB3umWBJZu1fU75Kd/JHJfhWjzDhf9YMk4PrseQQ1%2BjacQhOIkHF%2BYdqek8nwY9eOEHHrj84wFmB2jO2%2BDJO367o8xHsbk%2BCVVXa60w0bMaYq4lCEWzPxCz%2BVsJcQ7v0hlN6wZ2AS4RGJ9sRviSJVz%2B1ziaYIvG0R8FWNBujV5G%2BhvYh4jkFqmpQ9pItTj8DmtNfCJfF0NTZDG%2B3B8GepNxcCMr%2BST1ka4ysiEDO0kEgT9Q1OaMbOdJ0GDz1krISf3FjjvyZ%2BnLN/FrTvWOBTQE2gqtDuFAxwRIatVBuYBEAB7HM9De.9a6cd961329546b23617792476960a90f205ed1d3c89eee69548953b1127b463.V2"' \ -H 'content-length: 0' \ -H 'content-type: application/x-www-form-urlencoded' \ -H 'origin: https://www.plasmo.com' \ -H 'priority: u=1, i' \ -H 'referer: https://www.plasmo.com/' \ -H 'sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"' \ -H 'sec-ch-ua-mobile: ?0' \ -H 'sec-ch-ua-platform: "Linux"' \ -H 'sec-fetch-dest: empty' \ -H 'sec-fetch-mode: cors' \ -H 'sec-fetch-site: cross-site' \ -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36'

Hi all, we put together some scripts to migrate users (along with userid mapping, roles and metadata) from one supertokens deployment to another. Hope it can be useful to some of you 🙂 https://github.com/Solgt/supertokens-migration

Hey, i'm using Fastify with supertokens, and i'm setup swagger & swagger-ui for my API. Wanted to know if is there a way to add the supertokens routes to my swagger documentation ?