Should be the path in your API domain that is controlled by SuperTokens. The default value is /auth. So by default, the SDK will send a POST request to apiDomain + "/auth/session/refresh" for refreshing a session.
sessionExpiredStatusCode (Optional)
Type: number
Default: 401
HTTP status code that indicates session expiry - as sent by your APIs.
sessionScope (Optional)
Type: string
Default: Same as the domain in the currently loaded URL.
Set this to your website domain across which you want to share a session. For example, if your website domain (that is loaded by the user) is example.com, then the value of this should be example.com. If your site has subdomains that need to keep the same session, like a.example.com and b.example.com, then the value of this should be example.com.
refreshAPICustomHeaders (Optional)
Type: object
Default: {}
If your refresh API requires any custom headers (for example a version number), then you can provide that in this object. An example is: {api-version: "0"}
autoAddCredentials (Optional)
Type: boolean
Default true
Setting this to true adds credentials: "include" to all requests. This is needed for cross origin requests (website is on example.com and API is on api.example.com)
Returns
void
Throws
Nothing
addAxiosInterceptors(axios)
Parameters
axios instance
Returns
void
Throws
Nothing
doesSessionExist()
Parameters
None
Returns
boolean
Throws
Nothing
attemptRefreshingSession()
Parameters
None
Returns
Promise<boolean>
Throws
Identical to an error thrown by fetch.
An Error object if the init function is not called.
