Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
i
Iruizmar
10/27/2022, 7:04 AMHello!
I have an app whose backend is written in Kotlin. If possible, I wouldn't like to have a different language there. Is there any possibility to interact with Supertokens hosted solution? Any plans to release a Java SDK? Thanks!
r
rp
10/27/2022, 7:21 AMhey @Iruizmar
A backend Java SDK is probably going to take a while. Until then, your best bet is to start another process in nodejs / golang / python which integrates with our backend SDKs and acts as the auth service
You can directly call the core APIs from your backend, but it will require you to make those APIs in your java backend - which can take a while
i
Iruizmar
10/27/2022, 7:34 AMHey @rp , thanks for that!
That sounds reasonable. So the auth service will generate the tokens and then I can validate those on the Kotlin service to protect the routes? Is there any doc on how to achieve that (specially the second part)?.
r
rp
10/27/2022, 7:39 AMThere isn't specific docs for it yet, but once you call the core's sign in API, it will tell you if the credentials were correct or not.
If they are correct, you can then call the core's JWT APIs to create a JWT and then send that to the frontend. Verification of the JWT would be standard.
i
Iruizmar
10/27/2022, 7:43 AMOk, I will try that, thanks 🙂
Hey mate @rp , sorry to disturb. How am I supposed to return the JWT to the frontend? Is it necessary to create a custom endpoint to return it? I can't see any function on the frontend SDKs for that.
r
rp
10/27/2022, 11:15 AMOnce you call the sign in core API from your backend, you need to call the JWT creation API to the core as well. That will return a JWT to your backend. Then the backend can send the JWT however it likes on the frontend.
Are you using our frontend SDK? If yes, which one?
i
Iruizmar
10/27/2022, 11:16 AMWell, the frontend is written using Kotlin Multiplatform, so I thin I will just attack the API directly.
r
rp
10/27/2022, 11:18 AMright. In that case, you should can pass the JWT to the frontend hjowever you like
since it's your own API on the Kotlin side anyway
i
Iruizmar
10/27/2022, 11:20 AMYeah. So auth service (using NestJs) attacks core API to get a session, then generates a JWT and send it back to the client. All this done on a custom endpoint because there isn't any exposed automatically to do this, right?
r
rp
10/27/2022, 11:20 AMoh wait, you're using nestjs backend?
We have an SDK for node js
i
Iruizmar
10/27/2022, 11:21 AMI'm using nestjs just for the auth service, everything else is Kotlin.
r
rp
10/27/2022, 11:21 AMi see. In that case, the APIs for sign in etc.. are exposed by the nestjs service via our backend SDK
i
Iruizmar
10/27/2022, 11:21 AMI thought that was your suggestion initially, haha.
Yes, but there isn't any to retrieve the JWT, is it?
r
rp
10/27/2022, 11:22 AMYou can enable JWTs in the session recipe -> https://supertokens.com/docs/session/common-customizations/sessions/with-jwt/about
and that will essentially add a JWT to the access token payload of the session which can be read on the frontend
and then passed to the kotlin backend
i
Iruizmar
10/27/2022, 11:24 AMIs the JWT added as a cookie or how? This is what I'm getting using the OTP endpoint.
r
rp
10/27/2022, 11:25 AMyea so it's in the front-token header value. See this page: https://supertokens.com/docs/passwordless/custom-ui/handling-session-tokens, and scroll to the "If not using our frontend SDK" section
you can essentially decode the front-token and get the access token paylaod from it, which will contain the JWT
i
Iruizmar
10/27/2022, 11:27 AMAwesome!!
Thanks for that 🙂 And for the super fast reply.
r
rp
10/27/2022, 11:28 AMhappy to help!
when you say kotlin frontend, do you mean android frontend? Or something else?
or is it a kotlin server just serving plain html / css?
i
Iruizmar
10/27/2022, 11:29 AMUI is done on native Android and native iOS and web, but the domain and network logic of the three apps is shared using Kotlin Multiplatform:
https://kotlinlang.org/docs/multiplatform.html
That's why I would need a "pure" Kotlin SDK, and I'm not using Android's one.
r
rp
10/27/2022, 11:30 AMohh. interesting. I see.
Cool! If you have any more questions, please feel free to ask
i
Iruizmar
10/27/2022, 11:30 AMSure, mate, thanks a lot.