SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hi 🙂
After reading the docs, I'm unsure what to do in my use case. I have a social login set up in nextjs, and I would like to send the provider refresh token to my backend API (different service). I already extracted the refresh token in the backend config `override.functions.signInUp` section. 
I need to make an authenticated call to my backend with the current user. Since I don't have a session in the `override.functions.signInUp` function, I'm unsure how to proceed.
Will appreciate your help 🙏

hey <@992993858210234409> could you further elaborate on your setup? Why does another backend call the social login API and not the fronte client?

hey <@498057949541826571> 
so I have the following setup: a NextJs app and an Apollo server API.
When a new user signs up via a social provider, I would like to call the API server for a few reasons:
1. To save the provider identifier and refresh token
2. To trigger post sign up flows, like creating an initial DB entry, associating them with an existing customer organization (by checking email domain), sending a backend analytics event, sending a welcome email, etc
Similarly, in case of a returning user logging in, I would like to run some post login flows in the API server.
As far as I can tell from the docs, [this is](https://supertokens.com/docs/thirdparty/common-customizations/handling-signinup-success) where I should be calling the API server.
I wanted to make the call in the NextJs backend to avoid a roundtrip to the browser, plus that's where I can extract the provider refresh token.

Why don’t you setup our backend SDK in the Apollo server api itself? That way, the overrides there can do whatever you want without making any api call to another process

But if you want this setup, then you should see our m2m auth for backend to backend and use that, and not user sessions for m2m

<@498057949541826571> I see the NextJs as my client app, making graphql API calls to my API server (Apollo).
This is not classic m2m, and the call should be authenticated with the user session.
There will be other clients (like a browser extension, maybe a mobile app) making calls to the graphql API server directly without going through NextJS. 
I'm not sure I understand your first comment about setting up the overrides on the Apollo server using the backend SDK - Your docs about the [integration with the Apollo server](https://supertokens.com/docs/thirdparty/graphql-integration/backend-setup) only specify how to extract the user session, but nothing about overrides.

Well, normally, you would setup the backend SDK middleware in your API layer, and not your frontend server layer. Here, your API layer is the apollo server. So whatever framework you use for that, you need to set up the middleware in that

That's what I wanted to do initially, but after reading some articles about adding an authentication step in the Apollo server, as well as going over your docs, I came to a conclusion it's not doable / recommended...
If my conclusion is wrong, do you have an example for adding the backend SDK middleware to the Apollo server?