Skip to main content

2. Backend config

1) Install supertokens package#

npm i supertokens-node

2) Create a configuration file (config.js)#

  • Create a config.js file in the root directory of your project.
  • An example of this file can be found here.

3) Create a backend config function#

config.ts

import ThirdPartyEmailPassword from 'supertokens-node/recipe/thirdpartyemailpassword';import Session from 'supertokens-node/recipe/session'
function getBackendConfig() {  return {    framework: "awsLambda",    supertokens: {      connectionURI: "",      apiKey: "",    },    appInfo: {      // learn more about this on https://supertokens.com/docs/thirdpartyemailpassword/appinfo      appName: "<YOUR_APP_NAME>",      apiDomain: "<YOUR_API_DOMAIN>",      websiteDomain: "<YOUR_WEBSITE_DOMAIN>",      apiBasePath: "/auth",      websiteBasePath: "/auth",      apiGatewayPath: "/dev" // TODO: same as what's set on the frontend config    },    recipeList: [      ThirdPartyEmailPassword.init({        providers: [          // We have provided you with development keys which you can use for testing.          // IMPORTANT: Please replace them with your own OAuth keys for production use.          ThirdPartyEmailPassword.Google({            clientId: "1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",            clientSecret: "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"          }),          ThirdPartyEmailPassword.Github({            clientId: "467101b197249757c71f",            clientSecret: "e97051221f4b6426e8fe8d51486396703012f5bd"          }),          ThirdPartyEmailPassword.Apple({            clientId: "4398792-io.supertokens.example.service",            clientSecret: {                keyId: "7M48Y4RYDL",                privateKey:                    "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",                teamId: "YWQCXGJRJL",            },          }),          // ThirdPartyEmailPassword.Facebook({          //  clientSecret: "FACEBOOK_CLIENT_SECRET",          //  clientId: "FACEBOOK_CLIENT_ID"          // })        ],      }),      Session.init(),    ],    isInServerlessEnv: true,  }}
module.exports.getBackendConfig = getBackendConfig;

When you want to generate your own keys, please refer to the corresponding documentation to get your client ids and client secrets for each of the below providers:

Google
  • Generate your client ID and secret by following the docs here
  • Set the authorisation callback URL to <YOUR_WEBSITE_DOMAIN>/auth/callback/google
Github
  • Generate your client ID and secret by following the docs here
  • Set the authorisation callback URL to <YOUR_WEBSITE_DOMAIN>/auth/callback/github
Facebook
  • Generate your client ID and secret by following the docs here
  • Set the authorisation callback URL to <YOUR_WEBSITE_DOMAIN>/auth/callback/facebook
Note

Make sure to enable https to be able to use the test users of the Facebook app. On http://localhost, the login flow can be verified only with the app's admin user.

Apple
  • Generate your client ID and secret by following this article
  • Set the authorisation callback URL to <YOUR_API_DOMAIN>/auth/callback/apple. Note that Apple doesn't allow localhost in the URL. So if you are in dev mode, you can use the dev keys we have provided above.