https://supertokens.com/ logo
Join Discord
Powered by
Hey everyone, So I'm not off to a good start, I a...
# support-questions-legacy
o
Hey everyone, So I'm not off to a good start, I am not even able to sign up. None of the options work, including email. Any help with this?
r
Hey. Have you setup the backend SDK?
o
No I am just trying to sign up on the website
r
On our website? On supertokens.com?
Which login method are you using?
o
Yes on Supertokens.com I have tried Github, Google and entering my email and pass.
r
Huh.. is there something blocking the browser from contacting our servers? Can I see the network tab please?
o
I keep seeing that resource in the console
r
what happens if you click on login with google? Can i see the network tab whilst you click that button please?
o
r
it seems like our servers are blocked for you
not sure why that would be happening. Are you on a VPN?
o
I am not.
r
maybe you should try one and see if it works? Which country are you in?
o
Im in the US
r
try a different browser also maybe?
o
I am not sure why your servers would be blocked for me specifically
r
yeaa.. neither am i. Very strange
o
I already tried Edge and Chrome. Same result
r
try using a VPN?
whats even more weird is that supertokens.com is working for you, but api.supertokens.com is not.. even though they resolve to the same IP
o
So I just had my coworker try an sign up an it's the same thing
r
huh.. really.
let me try to VPN from the US
is it possible that your office firewall is preventing these calls?
o
Nah we don't have a firewall that strict
Hold on though
I have never run into this
r
cause our site is working fine.. i tried differnet countries too right now
o
The site works
the sign up doesn't
I can't even use my phone to try as it redirects to desktop
r
yea cause the site does require api.supertokens.com to work, but the sign up form does require that
im quite sure it's some sort of office firewall in play here.
maybe use a different internet connection?
o
Ok weird.
I was able to access through my hotspot
r
Yeaaa. I thought so
o
I'm not sure why they would be blocking you or even on what layer that's happening
I haven't been blocked on Ping or Auth0
r
Yea. Not sure either. There has been one such incident happen a year ago as well. The issue was that the firewall had a HUGE list of blocked sites that dynamically kept updating. And ours was on it cause at one point, we had supertokens.io which redirected to supertokens.com, and that kind of redirection got us on that blacklist (still no idea why)
o
Where is your site hosted?
r
Aws
o
Where is the API hostd?
r
Same as the site
Both on ec2 instances on aws
o
Is it regionally located here in the US?
r
Nope
o
That might be the thing
r
Hmm. But then why would supertokens.com load for you
I guess CDN
(We use cloudflare for our website)
Anyway, this doesn’t really affect the service we provide to our customers from the point of view of us being their auth provider
o
Thanks for the help. Could provide a list of domains you recommend white-listing in order to use your service?
r
Supertokens.com, *.supertokens.com, supertokens.io, *.supertokens.io
o
@rp_st hello! I am coming back to you about this API being blocked. I had my network team take a look as to why this was being blocked internally and we arrived at the conclusion that the API endpoints reside in India, which triggers our network to block such endpoint appropriately. What I don't understand is why that is the case when I have my ST instance set to Region: 
us-east-1
Why would the API be sending calls out of the country if I have my instance set to the US?
We had to do this, because after my team whitelisted your service, we still could not access. So we troubleshooted and arrived at the endpoints residing in India. Can you clarify why this is the case? If theres no assurance of how the system works, I cannot continue considering it as a possibility even if it is a cool piece of tech.
r
The instance is in us-east-1, that means all your calls to the SuperTokens core will go to the us-east-1 region, where the core resides. On the other hand, our website uses api.supertokens.com for its API layer, and that is in India. None of the actual authentication requests for your app go to api.supertokens.com (except for our default email and sms delivery service, which you can swap out).
2 Views
PreviousNext
Powered by