Good afternoon! I'm looking at using Okta with the ST Passwordless recipe. I'm using a PKCE flow without a client secret, and getting this error

Please provide the oktaDomain in the additionalConfig of the Okta provider.

. Is this flow detailed somewhere in the docs that I can reference?

Hi guys, are there any endpoint that only verifies the email&password, returns user information but doesn't create a new session token? I'm working on backend and want to write a function which needs to verify the user with email and password (accepted as query parameters) but not the Bearer header. Currently I'm doing it with

/auth/signin

, but it creates session tokens every time I run it. Is there a better solution?

Is there a way to auto set primary user on sign-up? Otherwise I override signInUp on backend and call createPrimaryUser

Hi, I am associating the roles to a user after the session has already been created, I am trying to manually add the roles and permissions to a session using in the following way in consume override function: def override_passwordless_apis(original_implementation: APIInterface): original_consume_code_post = original_implementation.consume_code_post async def consume_code_post(pre_auth_session_id: str, user_input_code: Union[str, None], device_id: Union[str, None], link_code: Union[str, None], api_options: APIOptions, user_context: Dict[str, Any]): res = await add_role_to_user("public",userid_field, role_name) await session.fetch_and_set_claim(UserRoleClaim) How to get session object inside this signup overide function

Folks, if there any way to expire the previous email verification link when the new link is generated by clicking on 'Resend Verification Email'?

Hi, I am trying to trouleshoot why one user is not receiving passwordless login emails, while others do not seem to be experiencing the issue. I've ran a message trace in Exchange and don't see the email ever hitting exchange for this user. I'm using the default email delivery service behavior. Is there some way to see the logs for this?

Are there any foreseeable issues load balancing between 3 exact replicates of an application? 3 Frontends 3 API's, 3 SuperTokens Auth servers, 1 database.

Good morning from Sweden! I am using a setup of supertokens consisting of passwordless (phone verified login) and sessions. My stack also consists of Nest.js and Hasura. I've implemented JWTs according to your documentation, and it has mostly worked really well. However, there's one issue. Every now and then, all the JWTs generated and sent for verification to Hasura are treated as invalid. When this happens, the only solution I've found is to restart the Hasura instance so that it refetches the JWK via the jwk_url. Once this is done, it starts working again. It seems that this issue coincides with either an update of the JWK in our backend or a change in our backend deployment to use a newer version. I am assuming that Hasura remains unaware and doesn't attempt to refetch a new valid JWK. I'm unsure if there's an error in my implementation or if this is a bug. Any help would be appreciated.

Hi all, I've noticed that the response times for our python server endpoints using supertokens sessions were longer than expected. So I timed each part of our verify middleware and saw that

verify_session()

was taking around 200~300ms, taking up a majority of the response time. Is this normal? How long is

verify_session()

usually expected to take? I would like to know if there are ways to get this time way down. Here's the snippet:

start = time.time() * 1000
session_recipe = SessionRecipe.get_instance()
supertokens_session = await session_recipe.verify_session(
    request=base_req,
    anti_csrf_check=True,
    session_required=True,
    check_database=False,
    override_global_claim_validators=None,
    user_context=None,
)
end = time.time() * 1000

Team, we would like to implement username/password + social logins using managed supertokens. However our app is a react app packaged as a DESKTOP APP (e.g. Electron or Tauri based). Do we have any examples / documentations for this scenario?