Can anyone tell me how can i renew session?? Problem : When the access token expires my backend api throws 401 so i want to renew user session / or regenerate accessToken instead of redirecting to logout

Set up issue. With dashboard curling. Why do I either get this error. This is the curl - curl --location --request POST 'url' \--header 'rid: dashboard' \--header 'api-key: apikey' \--header 'Content-Type: application/json' \--data-raw '{"email": "example@gmail.com","password": "pass"}'

The third party provider google seems to be missing from the backend configs. I am getting this error message while using google third party login What could be the issue? @rp_st please guide

hi @rp_st I test endpoints via postman. For this, I need to refresh tokens at regular intervals. Is there a token for postman that does not require refresh?

Implementing a refresh token flow as explained in https://supertokens.com/docs/session/common-customizations/sessions/ssr#3-implementing-the-refresh-session-flow-refresh-session-pagr causes the whole web app to 'flash' every time a token is refreshed, because we navigate to the /refresh-session page (using Remix in my example). Is there a way to refresh the token on the server during the request instead of redirecting to a front-end page that needs to do an API call and redirect back?

Once client Application send token (generated by SuperToken) to backend API, how backend API will validate the token

hey @rp_st i am getting a wierd behaviour, when i revoking all session for a user , authGuard is still able to allow the request.

I have a question about the Dashboard - is it safe and meant to be deployed in a production? I'm currently using a self-hosted instance, and what sparked this question for me is that self-hosted doesn't require sending the

api-key

header, thus allowing anyone who has access to the supertokens instance to create a new user/change password etc. My assumption is that supertokens instance should not be exposed to the world, and communicated only with via backend. Is that correct?

hey i am using thirdpartypasswordless and the user can signin using there phone or email and as per requirement we want to get the user input values in frontend state so please tell how can we get this?

@rp_st i sign in email or password using emailpassword recipe.if password wrong how to block login some time attempts in supertoken?