Skip to main content

2. Backend config

1) Install supertokens package#

npm i supertokens-node

2) Create a configuration file (config/supertokensConfig.js)#

  • Create a config folder in the root directory of your project.
  • Create a supertokensConfig.js inside the config folder.
  • An example of this file can be found here.

3) Create a backend config function#

/config/supertokensConfig.ts

import ThirdParty from 'supertokens-node/recipe/thirdparty';import Session from 'supertokens-node/recipe/session'
function getBackendConfig() {  return {    framework: "awsLambda",    supertokens: {      connectionURI: "",      apiKey: "",    },    appInfo: {      // learn more about this on https://supertokens.com/docs/thirdparty/appinfo      appName: "<YOUR_APP_NAME>",      apiDomain: "<YOUR_API_DOMAIN>",      websiteDomain: "<YOUR_WEBSITE_DOMAIN>",      apiBasePath: "/auth",      websiteBasePath: "/auth"    },    recipeList: [      ThirdParty.init({        signInAndUpFeature: {          providers: [            // We have provided you with development keys which you can use for testing.            // IMPORTANT: Please replace them with your own OAuth keys for production use.            ThirdParty.Google({              clientId: "1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",              clientSecret: "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"            }),            ThirdParty.Github({              clientId: "467101b197249757c71f",              clientSecret: "e97051221f4b6426e8fe8d51486396703012f5bd"            }),            ThirdParty.Apple({              clientId: "4398792-io.supertokens.example.service",              clientSecret: {                  keyId: "7M48Y4RYDL",                  privateKey:                      "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",                  teamId: "YWQCXGJRJL",              },            }),            // ThirdParty.Facebook({            //  clientSecret: "FACEBOOK_CLIENT_SECRET",            //  clientId: "FACEBOOK_CLIENT_ID"            // })          ],        }      }),      Session.init(),    ],    isInServerlessEnv: true,  }}
module.exports.getBackendConfig = getBackendConfig;

When you want to generate your own keys, please refer to the corresponding documentation to get your client ids and client secrets for each of the below providers:

Google
  • Generate your client ID and secret by following the docs here
  • Set the authorisation callback URL to <YOUR_WEBSITE_DOMAIN>/auth/callback/google
Github
  • Generate your client ID and secret by following the docs here
  • Set the authorisation callback URL to <YOUR_WEBSITE_DOMAIN>/auth/callback/github
Facebook
  • Generate your client ID and secret by following the docs here
  • Set the authorisation callback URL to <YOUR_WEBSITE_DOMAIN>/auth/callback/facebook
Note

Make sure to enable https to be able to use the test users of the Facebook app. On http://localhost, the login flow can be verified only with the app's admin user.

Apple
  • Generate your client ID and secret by following this article
  • Set the authorisation callback URL to <YOUR_API_DOMAIN>/auth/callback/apple. Note that Apple doesn't allow localhost in the URL. So if you are in dev mode, you can use the dev keys we have provided above.