Channels
#support-questions
Title
a
aV
05/22/2022, 8:59 AMDo I have to setup backendConfig.js file if my my backend is already setup with golang?
r
rp
05/22/2022, 8:59 AMYou don’t. You can ignore all things related to supertokens-node in the NextJS guide.
You don’t. You can ignore all things related to supertokens-node in the NextJS guide.
a
aV
05/22/2022, 9:02 AMok I was confused
r
rp
05/22/2022, 9:03 AMI see. So it’s clear now?
a
aV
05/22/2022, 9:04 AMyes
I don't want to specify frontend url in the backend. Backend should be completely unaware who is using its auth apis. Frontend should call the backend apis directly. To make sure only trusted front-end apps can request for login I want to provide some sort of secret access token by registering the app. They can use the token to make call from frontend. The backend will validate if the app is registered or not. If not reject the request. Is it possible?
r
rp
05/22/2022, 9:22 AMWell.. the websiteDomain value on the backend helps with setting the right config for the session cookies and it also is used it generate the correct email verification and password reset links.
As for embedding a secret access token on the frontend, that’s not secure as that access token can be very easily found and used by a malicious frontend
a
aV
05/22/2022, 9:25 AMok thanks