hey team, I changed some custom claims in the access token payload, since then, I dont seem to get the

Session.doesSessionExist()

to be true. I've added an array to one of the custom claim. Not sure if thats supported

Hey @rp_st I am getting a 500 internal server error if the authtoken is expired. So it should give a needs refresh response instead. I have two different services, in one it is working fine, but it is giving 500 error in one.

Hey, I have run into the infamous Safari itp blocker. I trying to get a password less flow with otp codes working in a iframed environtment under a page that we don't control the domain on. So we cant serve out content from the correct domain. I have switched to the header

tokenTransferMethod: "header"

flow instead of the cookie based one as suggested. Everything works fine in chrome and firefox, the

authorization

header gets set with the expected value and the backend is able to authenticate the request. But in safari no header is provided, which causes the flow to not work. The consome call for the otp works fine and we get a response from the server containing all the expected tokens. But the following request to the api does not contain anything and returns with a 401. After digging around a bit it in https://github.com/supertokens/supertokens-website/blob/master/lib/ts/fetch.ts it looks like even when using the header mode all the tokens still gets stored as cookies by the client and this will then also fail because of itp. But setting values in localstorage/session should still work, with some limitations, but it should get the flow running as expected for the current session at least. So is there a way to totally disable cookies and only store all the tokens in local storage when header mode is active?

Hey , i am currently implementing the email password recipe, and it works perfectly locally, but as soon as i deploy it , i get 401 status on the /auth/session/refresh route

I got this error while calling send otp api { "status": "FAILED", "message": "Invalid type for url. Expected str or httpx.URL, got : None" }

I am developing at sveltekit/capacitor app... in android everything works ok with regrds to supertokens authentication... but in ios devices, I get a successfull sign-in with a success response from server, but then the once I try to authenticate using the

Session

I get:

No session exists

error. Any ideas?

@rp_st how can i upgrade supertokens core with minimal downtime?

@rp_st I have several google accounts. once I select google account when i am using login with google, I can't choose other google account anymore when I am trying to login again. is there any way to fix this?

Hi, do I have this good? https://pastebin.com/MPb1c0r2 When user click in button (email verification), open this page (Nextjs). At first, the page is blank (before useEffect so user may not see it.). useEffect run consumeVerificationCode to check if the verification code is expired or invalid and if the verification code is expired or invalid user should see screen version with button (status: "error"). The button send email for new code. But if code is ok, user'll get page version for status: "success".

For people searching a web3 auth solution with supertokens take a look (react + tailwind + RainbowKit) https://www.loom.com/share/119036b7719449459ff8d247d6032f89