KalibCheil
04/08/2022, 4:22 PM"try refresh token".
and every other endpoint works well.
But if I comment the verifySession()
in production I can create the user.rp
04/08/2022, 4:25 PMKalibCheil
04/08/2022, 4:25 PMrp
04/08/2022, 4:25 PMKalibCheil
04/08/2022, 4:25 PMrp
04/08/2022, 4:26 PMDEBUG=com.supertokens node index.js
KalibCheil
04/08/2022, 4:27 PMrp
04/08/2022, 4:34 PMhttp://localhost:3000
. Is that intentional? Shouldn't prod API server have a domain like https://api.dr.cheil.cloud/
or something?KalibCheil
04/08/2022, 4:37 PMrp
04/08/2022, 4:38 PMrid: "anti-csrf"
as a header in your requestKalibCheil
04/08/2022, 4:40 PMrp
04/08/2022, 4:40 PMrid: "anti-csrf"
. Since this is missing from the postman request, the verifySession rejects the request (for security)