https://supertokens.com/ logo
Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Powered by
custom claims issue
m

mukulg22

05/15/2023, 5:50 AM
hey team, I changed some custom claims in the access token payload, since then, I dont seem to get the 
Session.doesSessionExist()
to be true. I've added an array to one of the custom claim. Not sure if thats supported
r

rp

05/15/2023, 7:23 AM
hey @mukulg22 can you elaborate please?
m

mukulg22

05/15/2023, 7:26 AM
Hey @rp i figured out the issue, my claims was over 4096B and so I eventually reduced it.
I have another query here
r

rp

05/15/2023, 7:27 AM
aahhh right
sure
m

mukulg22

05/15/2023, 7:27 AM
We are trying to resign the jwt with custom claim key and value. Is there a way to do that
Without making the user to login back again
r

rp

05/15/2023, 7:28 AM
use the session.mergeIntoAccessToken payload function on the backend
m

mukulg22

05/15/2023, 7:30 AM
Which method should I invoke from the frontend?
r

rp

05/15/2023, 7:31 AM
you can;'t change the payload from the frontend
m

mukulg22

05/15/2023, 7:31 AM
Should I expose it as an api from backend?
r

rp

05/15/2023, 7:31 AM
you will have to make an API of your own which does the payload change
> Should I expose it as an api from backend? Yes
m

mukulg22

05/15/2023, 7:32 AM
Is this a good practice?
r

rp

05/15/2023, 7:32 AM
yup
m

mukulg22

05/15/2023, 7:32 AM
Perfect
r

rp

05/15/2023, 7:32 AM
and the APi should do session verification first
m

mukulg22

05/15/2023, 7:32 AM
Will give it a try and update
@rp Im not able to access the user management dashboard using 
/auth/dashboard
url
n

nkshah2

05/15/2023, 9:33 AM
Hi @mukulg22 Can I see the full config you pass to SuperTokens when initialising it on the backend
m

mukulg22

05/15/2023, 9:35 AM
refer to the issue attached

https://cdn.discordapp.com/attachments/1107545641342742558/1107602176794165329/image.png

n

nkshah2

05/15/2023, 9:36 AM
Im not sure thats the image you meant to send
m

mukulg22

05/15/2023, 9:39 AM
Check this https://cdn.discordapp.com/attachments/1107545641342742558/1107603259222413352/test.js
n

nkshah2

05/15/2023, 9:41 AM
Try opening 
API_DOMAIN/dashboard
(without the 
/auth
)
m

mukulg22

05/15/2023, 9:43 AM
I have /auth in the apiBasePath
n

nkshah2

05/15/2023, 9:43 AM
In the config you just sent its 
apiBasePath: "",
m

mukulg22

05/15/2023, 9:43 AM
It was working fine for a long time, now all I see is a blank white screen with Supertokens favicon.
route isnt an issue here
n

nkshah2

05/15/2023, 9:44 AM
Do you see any errors in the browser console?
m

mukulg22

05/15/2023, 9:44 AM
this is what i see
n

nkshah2

05/15/2023, 9:47 AM
What version of the SDK are you using?
m

mukulg22

05/15/2023, 9:48 AM
12.1.1
n

nkshah2

05/15/2023, 9:53 AM
Do you see errors in the network tab?
Also can you try in a private tab/incognito window
m

mukulg22

05/15/2023, 3:39 PM
hey @rp facing cors issue when i try to access the api. Using express for backend and angular for frontend
r

rp

05/15/2023, 4:02 PM
what's the cors error on the browser?
m

mukulg22

05/15/2023, 4:29 PM
Yes. It throws cors for custom api written in express, supertoken middleware apis work fine
r

rp

05/15/2023, 4:59 PM
whats the error though?
m

mukulg22

05/15/2023, 5:06 PM

https://cdn.discordapp.com/attachments/1107545641342742558/1107715733871411320/image.png

r

rp

05/15/2023, 5:07 PM
on the browser console
m

mukulg22

05/15/2023, 5:08 PM

https://cdn.discordapp.com/attachments/1107545641342742558/1107716243928129576/image.png

r

rp

05/15/2023, 5:09 PM
right. You should add 
"authorization"
in the access-control-allowed-header cors setting
m

mukulg22

05/15/2023, 5:17 PM
@rp fixed it.
Facing 403 for the custom claim api
{
  "message": "invalid claim",
  "claimValidationErrors": [
    {
      "id": "st-ev",
      "reason": {
        "message": "wrong value",
        "expectedValue": true,
        "actualValue": false
      }
    }
  ]
}
r

rp

05/15/2023, 5:18 PM
right. So this means that the user needs to go through the email verification flow first before given access to any of the APIs.
m

mukulg22

05/15/2023, 5:19 PM
cool ev means email verification? Is it alright if i disable the email verification required in the configuration to overcome this?
r

rp

05/15/2023, 5:20 PM
yea.. up to you really. Depends on your business needs
m

mukulg22

05/15/2023, 5:20 PM
cool
thanks a mill for your help
#support-questionsJoin Discord
Powered by