Core Driver Interface
Overview
The CDI, Core Driver Interface, is the API exposed by the SuperTokens Core service. It is meant to be consumed only by your backend only.
In most cases, you don't need to directly interact with the API, since the existing backend SDKS are built on top of it.
URL Structure
Most of the endpoints take in two path parameters: appid-{appId} and {tenantId}. Both are optional. If not set, the default app and tenant will be used.
Given the following endpoint: /appid-{appId}/{tenantId}/recipe/totp/device/verify:
- You can call it without the actual path parameters, using /recipe/totp/device/verify in your action.
- You can set both values and end up with a path that looks like this: /appid-myApp/myTenant/recipe/totp/device/verify.
Versioning
At the moment, the documentation pages only show the latest version of the API. If you want to check an older release, please access the Swagger page
To know which version you should see:
- Check the version of the core you are running (for managed service, visit the dashboard, else run supertokens --version command)
- Go to the SuperTokens Core GitHub page
- Switch to the branch that matches the version of the core your running
- Open the file called coreDriverInterfaceSupported.json
- In there, you see an array of X.Y values, pick the latest one, and see the API spec for that.
Authentication
The API uses JWT tokens for authentication. In order for the core service to accept a request you need to set the api-key header with the value of your token.
If you are using the managed service, the token can be accessed from the dashboard. In the context of a self-hosted instance, keys are not created by default. You have to explicitly generate them.