https://supertokens.com/ logo
custom claims issue
m

mukulg22

05/15/2023, 5:50 AM
hey team, I changed some custom claims in the access token payload, since then, I dont seem to get the
Session.doesSessionExist()
to be true. I've added an array to one of the custom claim. Not sure if thats supported
r

rp

05/15/2023, 7:23 AM
hey @mukulg22 can you elaborate please?
m

mukulg22

05/15/2023, 7:26 AM
Hey @rp i figured out the issue, my claims was over 4096B and so I eventually reduced it.
I have another query here
r

rp

05/15/2023, 7:27 AM
aahhh right
sure
m

mukulg22

05/15/2023, 7:27 AM
We are trying to resign the jwt with custom claim key and value. Is there a way to do that
Without making the user to login back again
r

rp

05/15/2023, 7:28 AM
use the session.mergeIntoAccessToken payload function on the backend
m

mukulg22

05/15/2023, 7:30 AM
Which method should I invoke from the frontend?
r

rp

05/15/2023, 7:31 AM
you can;'t change the payload from the frontend
m

mukulg22

05/15/2023, 7:31 AM
Should I expose it as an api from backend?
r

rp

05/15/2023, 7:31 AM
you will have to make an API of your own which does the payload change
> Should I expose it as an api from backend? Yes
m

mukulg22

05/15/2023, 7:32 AM
Is this a good practice?
r

rp

05/15/2023, 7:32 AM
yup
m

mukulg22

05/15/2023, 7:32 AM
Perfect
r

rp

05/15/2023, 7:32 AM
and the APi should do session verification first
m

mukulg22

05/15/2023, 7:32 AM
Will give it a try and update
@rp Im not able to access the user management dashboard using
/auth/dashboard
url
n

nkshah2

05/15/2023, 9:33 AM
Hi @mukulg22 Can I see the full config you pass to SuperTokens when initialising it on the backend
m

mukulg22

05/15/2023, 9:35 AM
refer to the issue attached

https://cdn.discordapp.com/attachments/1107545641342742558/1107602176794165329/image.png

n

nkshah2

05/15/2023, 9:36 AM
Im not sure thats the image you meant to send
n

nkshah2

05/15/2023, 9:41 AM
Try opening
API_DOMAIN/dashboard
(without the
/auth
)
m

mukulg22

05/15/2023, 9:43 AM
I have /auth in the apiBasePath
n

nkshah2

05/15/2023, 9:43 AM
In the config you just sent its
apiBasePath: "",
m

mukulg22

05/15/2023, 9:43 AM
It was working fine for a long time, now all I see is a blank white screen with Supertokens favicon.
route isnt an issue here
n

nkshah2

05/15/2023, 9:44 AM
Do you see any errors in the browser console?
m

mukulg22

05/15/2023, 9:44 AM
this is what i see
n

nkshah2

05/15/2023, 9:47 AM
What version of the SDK are you using?
m

mukulg22

05/15/2023, 9:48 AM
12.1.1
n

nkshah2

05/15/2023, 9:53 AM
Do you see errors in the network tab?
Also can you try in a private tab/incognito window
m

mukulg22

05/15/2023, 3:39 PM
hey @rp facing cors issue when i try to access the api. Using express for backend and angular for frontend
r

rp

05/15/2023, 4:02 PM
what's the cors error on the browser?
m

mukulg22

05/15/2023, 4:29 PM
Yes. It throws cors for custom api written in express, supertoken middleware apis work fine
r

rp

05/15/2023, 4:59 PM
whats the error though?
m

mukulg22

05/15/2023, 5:06 PM

https://cdn.discordapp.com/attachments/1107545641342742558/1107715733871411320/image.png

r

rp

05/15/2023, 5:07 PM
on the browser console
m

mukulg22

05/15/2023, 5:08 PM

https://cdn.discordapp.com/attachments/1107545641342742558/1107716243928129576/image.png

r

rp

05/15/2023, 5:09 PM
right. You should add
"authorization"
in the access-control-allowed-header cors setting
m

mukulg22

05/15/2023, 5:17 PM
@rp fixed it.
Facing 403 for the custom claim api
{
  "message": "invalid claim",
  "claimValidationErrors": [
    {
      "id": "st-ev",
      "reason": {
        "message": "wrong value",
        "expectedValue": true,
        "actualValue": false
      }
    }
  ]
}
r

rp

05/15/2023, 5:18 PM
right. So this means that the user needs to go through the email verification flow first before given access to any of the APIs.
m

mukulg22

05/15/2023, 5:19 PM
cool ev means email verification? Is it alright if i disable the email verification required in the configuration to overcome this?
r

rp

05/15/2023, 5:20 PM
yea.. up to you really. Depends on your business needs
m

mukulg22

05/15/2023, 5:20 PM
cool
thanks a mill for your help