Morning, I'm not sure if this has been reported, or if anyone else has run into this issue, but in order for my backend to respond to our client, I had to include the following headers in the cors list:

supertokens-sdk-version
supertokens-sdk-name

This was after integrating with superTokens in the front end and modifying the axios instance