Skip to main content

If you are using our backend SDK that is lesser than the following versions, please visit the older documentation link here.

Backend Integration

Supported frameworks#

Node.js logoPython logoGolang logo

1) Install#

npm i -s supertokens-node

2) Initialise SuperTokens#

How do you want to identify your users?
Only phone numberOnly emailEmail or phone number
Which authentication type will you use?
OTPMagic linksOTP and Magic link

3) Initialise Social login providers#

How do you want to identify your users?
Only phone numberOnly emailEmail or phone number
Which authentication type will you use?
OTPMagic linksOTP and Magic link
important

You can find the list of built in providers here. To add a provider that is not listed, you can follow our guide on setting up custom providers.

4) Add the SuperTokens APIs & CORS setup#

important
  • Add the middleware BEFORE all your routes.
  • Add the cors middleware BEFORE the SuperTokens middleware as shown below.
import express from "express";
import cors from "cors";
import supertokens from "supertokens-node";
import {middleware} from "supertokens-node/framework/express";

let app = express();

app.use(cors({
origin: "<YOUR_WEBSITE_DOMAIN>",
allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
credentials: true,
}));

// IMPORTANT: CORS should be before the below line.
app.use(middleware());

// ...your API routes

This middleware adds a few APIs (see all the APIs here):

  • POST /auth/signinup/code: For starting the passwordless login/sign up process
  • POST /auth/signinup/code/resend: To generate and resend a code during an already started login/sign up process
  • POST /auth/signinup/code/consume: For finishing the passwordless login/sign up process
  • GET /auth/passwordless/email/exists: To check if an email is already signed up
  • GET /auth/passwordless/phonenumber/exists: To check if a phonenumber is already signed up
  • POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.

5) Add the SuperTokens error handler#

Add the errorHandler AFTER all your routes, but BEFORE your error handler

import express from "express";
import {errorHandler} from "supertokens-node/framework/express";

const app = express();
// ...your API routes

// Add this AFTER all your routes
app.use(errorHandler())

// your own error handler
app.use((err: any, req: express.Request, res: express.Response, next: express.NextFunction) => {
// TODO
});

6) Setup the SuperTokens core#

You need to now setup an instance of the SuperTokens core for your app (that your backend should connect to). You have two options: