Thanks for your answer our API will actually be on a domain

Question

Thanks for your answer our API will actually be on a domain of it s own let s say api xxx io But we have two different domains for our client websites xxx eu and xxx com and when initializing Supertokens on the backend we can only define one website domain

rp · Answer

hey < edistra>

rp · Answer

the websiteDomain on the backend is used for generating reset password or email verification links and setting cookie attributes You can set the websiteDomain to any one of those domains and then override the sendEmail function for email verification reset password if applicable to change the link s domain based on the request s origin set cookieSameSite property in session init on the backend to none

edistra · Answer

Oh that s good news Thanks for the info will try it that way We thought we would have issues when trying to initialize sessions from a different origin than the websiteDomain but now it s more clear

rp · Answer

great