Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
backend only
y
yvstrishul
04/27/2023, 3:47 PMHi, I am using SuperTokens only for backend. After calling signin api, how can I use access token present in its response header as I believe I can't override the function in signin api
r
rp
04/28/2023, 5:17 AMhey @yvstrishul you can use the access token as an authorization bearer token in your request.
You can save the refresh token as well somewhere and then use it to get new session tokens.
y
yvstrishul
04/28/2023, 5:21 AMYes, I was asking how to get token after signin api. I found this in your docs 'You should attach the st-auth-mode header to calls to the login API'. I think this can be used to store the access token in cookie to be used as authorization bearer token for subsequent request. Am I right?
r
rp
04/28/2023, 5:22 AMare you calling the sign in APi of the core? Or of the APis exposed via the backend middleware?
y
yvstrishul
04/28/2023, 5:22 AMvia middleware of your backend sdk (/auth/signin)
r
rp
04/28/2023, 5:24 AMright. So the response headers will have the access and refresh tokens
st-access-tokenst-refresh-tokeny
yvstrishul
04/28/2023, 5:25 AMyes how are they usually fetched and stored?
r
rp
04/28/2023, 5:27 AMthey are stored in the browser usaually
when you say how are they fetched - do you mean how to read them from the headers in the response?
y
yvstrishul
04/28/2023, 5:28 AMyes
r
rp
04/28/2023, 5:28 AMthat i mean you can google 🙂
y
yvstrishul
04/28/2023, 5:30 AMok Thank you