Hi, I am trying to implement SSO between two rails websites with different domain names, e.g. a.com and b.com . Is SuperTokens the right tool for me? We want a phone-password login. Do I just use the

with-phone-password

react example code on each site, or do I need another site like c.com to let the user redirect to for authentication? And how do configure to let it know which domains should share the same session? Sorry I'm quite confused.

Hello, I want to know if supertokens support disabling private signup like https://docs.propelauth.com/overview/disable-public-signups

Hi everyone, nice to meet you all. I am trying to get the User Management Dashboard working via Docker. I can get the UI running and I get a screen that requires me to key in the API Key but when viewing the User Management screen it says Server Error: Failed to load user list. I check the browsers console and it tells me that there is an error on loading some content "http://:15000/auth/dashboard/api/users/count". And when I browse the link it shows Unauthorised access. Does anyone have any idea why this is the case?

How to login using flutter sdk?

Can I migrate from AWS cognito to Supertokens without any user level downtime? Is there any guide to refer to? Also, for node implementation can I make it work on es5? Or do I need es6 only?

Hi, I just wanted to know about how we can integrate supertokens with SAML. For eg. We are providing Google provider for third party auth. So if we want to provide our app as a custom application in Google workspace SSO. How will I be able to configure it with supertokens third party auth. Even if I get a minimum information from your side , it would be really helpful.

How exactly does the doesSessionExist work?

I tried setting some data using merge access token payload on the backend and then useSessionContxt to get the payload on the frontend. I am able to set the data properly on the backend but when I try to get it on the frontend it is always an empty object {}. Any idea why?

If SuperTokens Core is being hosted locally, is there a way to enforce that calls to it can only come from

localhost

? (That is, only the local web app can make calls to it and no one else.) I know we have the API keys. But theoretically, enforcing that only

localhost

is allowed would add additional safety, right? 🤔

How do the

supertokens-node

verifySession

and

Session.getSession

functions behave in case the session is expired? Do they check this? or will they return `null`/`undefined` in such an scenario?