I am working on a frontend app talking to a supertokens backend and implementing OTP login with phone works like a charm, I wanted to read the JWT in the client so I had to add the session recipe to the backend and also call session.init in my client, this worked also like a charm and I was able to read the JWT. However when I do not log in using phone and OTP, I still want to have a JWT session for anonymous users but the Session.getUserId() returns false Is there anything more to it for session based authentication other than just having Session.Init() in the recipes array in the client and also in the backend? BTW: just wanted to shout out that other than this, using supertokens has been so smooth

On Clearing Cookies or Using incognito Mode in React Native Webview Android, SuperToken Session is expired. Can anyone help me here?

Is there already a solution to using supertokens with tRPC? Thanks in andvance

Hello again I would like to translate the emails that supertokens sends to our customers. I understand that I can change the content as described here: https://supertokens.com/docs/emailpassword/email-delivery/smtp/change-email-content But how do I know into which language I have to translate? I would be happy to get the language that users saw as they register in the browser.

trying to access the dashboard

Hi! The Dashboard is pretty cool, but I have a question about how it is intended to be used. It is served by the backend, and the backend is protected by CORS. It looks like the Dashboard is intended to be accessed directly via the browser, and not through an API call. However, if I access directly from my browser, then no origin is provided with the request, which means that it gets rejected by CORS. I tested by disabling CORS, and can access the Dashboard as expected. I'm not sure how to resolve this issue because I can't seem to find a way to disable CORS just for that single route (unless I am misunderstanding how the configuration works). Here is my CORS config, **which is general to all routes due to the use of `app.use(middleware())`**:

SuperTokens.init(SuperTokensInitConfig);
admin.initializeApp();

const app = express();

const whitelist: string[] = [
  websiteDomain,
  'http://localhost:4201',
  'http://localhost:4202',
  'http://localhost:4203',
  ... etc.
];

app.use(cors({
  origin: function(origin, callback) {
    if (origin && whitelist.indexOf(origin) !== -1) {
      callback(null, true);
    } else {
      callback(new Error(`Origin ${origin} not permitted due to CORS policy`));
    }
  },
  allowedHeaders: ['content-type', ...SuperTokens.getAllCORSHeaders()],
  credentials: true,
}));

app.use(middleware());
app.use(errorHandler());

export default app;

Hi, I want to send magic link in the mail using different website domain. So is there any way in backend to fetch any website domain and send magic link using that particular domain? And also any way to send additional values from frontend to backend middleware API's.

Docs question: I'm using Phoenix framework on Elixir which doesn't have library integration built. Is there a place for docs how to start from zero? I don't promise anything but Appwrite has SDK generator and I've built Elixir generator part for them while trying it. It's not in the MR yet though.

Hi, I'm trying to setup auth with my chrome extension, I've browsed past questions about this problem, and it seems the most straightforward solution is to use jwt with localstorage. But there's a couple things I'm still wondering: - I've tried setting the

cookieSameSite

option to none, and I can see that it is indeed set with the option, however, when launching request from the extension, the cookies are not there, why is that the case ? - If choosing to use the jwt with localstorage approach, does it mean that refresh the session does not work anymore ?

Hi, I use localhost for local development at front and remote server at backend api. So when Im trying to connect that way by social, emailpassword or passwordless I get 401 error for endpoints. I think thats because localhost has another cookies domain and server cant get shared them. And the question is: how can i effectively connect from localhost at front to server at back to organise my local development and to make everything work fine?