Hello everyone, I am a little confused. Is it already possible to use multiple tenant? Or is this just coming?

Hi. Are you aware of any configurations that can be made on our end to help reduce the chance of password reset emails ending up in the spam/junk folder?

How much damage can I do if I delete a user by going into the supertokens database and deleting his entries manually from the

all_auth_recipe_users

,

emailpassword_users

, and maybe probably also form the

session_info

table. Yes for the next time I probably have the backend function implemented in some way or another so I don't have to do it manually, but do you see currently anything wrong with that approach?

ah, I found https://github.com/supertokens/supertokens-core/issues/529 So there is no JVM SDK. It sounds like we would need to add 2 processes to our app, the core microservice (jvm) + an api server (say, golang for least memory usage?)

Hi everyone, I'm currently trying to figure out a way to either mock or integrate supertoken into my backend e2e tests. I would like to have roles and permissions mechanics taken into account whenever I test an endpoint. Any ideas or even implementation examples on a repo ? thanks in advance

Is there any way to manually change a user's email verification status? I saw the docs weren't written yet so I thought I'd ask here for guidance

Hi, do I need have frontend and backend in docker? Now I have backend and SuperTokens in docker compose and frontend in another repository and I have cors error: Access to fetch at 'http://localhost/auth/session/refresh' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field st-auth-mode is not allowed by Access-Control-Allow-Headers in preflight response. My settings: app.enableCors({ origin: [

${process.env.WEB_DOMAIN}

], allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()], methods: ['GET', 'PATCH', 'POST', 'DELETE'], credentials: true, }); app.useGlobalFilters(new AuthFilter()); //appInfo apiBasePath: '/auth', websiteBasePath: '', WEB_DOMAIN = http://localhost:3000 Sorry for a lot of questions 😅

does anyone know if there will be further support for php specifically laravel?

Organization support

Can I use verifySession in a way that the route is also accessible by users without a session? I thought

verifySession({ sessionRequired: false })

would do the trick, but requests without a session get a 401. This is a problem for me, because I'm using https://telefunc.com for client <> server communication. The tool uses one route, whereas some requests need data from a possible existing session and some don't. Is there maybe another way without using verifySession?