Hey there. I'm brand new to SuperTokens and tryin...
# support-questions-legacy
d
Hey there. I'm brand new to SuperTokens and trying to setup the ThirdPartyEmailPassword recipe. I followed the docs, but when visiting the URL returned by
/{apiBasePath}/authorisationurl?thirdPartyId=google
I get en error (from Google) saying "Missing required parameter: redirect_uri". How can I get my backend to include that parameter in the request?
r
Hey @dbottisti
Are you querying the api manually from the frontend?
If yes, don’t do that. Instead, use our frontend SDK
d
But you don't have an SDK for my frontend framework - Elm
r
Hmm I see.
I think elm has a way to use js as well in it?
d
yes, you can interop, but I'd like to avoid it if at all possible
r
I would really recommend you to use our frontend SDK into your elm app. It would make lots of things easier. Especially session management
If you don’t want to do that, then you will need to add the redirect uri on your own to the returned url
d
Ok. My JS isn't very good, so it's kinda hard for me to follow the sample app
r
(Our frontend SDK does that, but you’re not using it)
d
I see. I'll try working with it as best I can
r
It will be a struggle for you to manage sessions on your own without our frontend SDK. It has a lot of edge cases around session refreshing which we solve for
d
I see. Do all of my HTTP requests (for my own endpoints) then need to go through the front-end?
i.e., to "sign" the request?
or is that handled by the browser via the HttpOnly cookies?
r
The brower should add cookies to the request
Are you talking about SSR?
d
No
r
Right. So requests made from the frontend will contain the access token
Added by the browser
d
(Assuming I'm using cookies rather than the Auth header)
r
As long as you have set credentials include setting in your requests
And if the access token has expired, you get a 401 back
And then you should call the refresh api
d
Ah, ok - I think I can manage that
r
👍
d
Thanks for your help!
r
Happy to help 🙂