If you are using a version of our backend SDK older than the following versions, please visit the older documentation link here.

Backend Integration

Supported frameworks

1) Install

npm i -s supertokens-node

2) Initialise SuperTokens

3) Initialise Social login providers

You can find the list of built-in providers here. To add a provider that is not listed, you can follow our guide on setting up custom providers.

4) Add the SuperTokens APIs & CORS setup

  • Add the middleware BEFORE all your routes.
  • Add the cors middleware BEFORE the SuperTokens middleware as shown below.
import express from "express";
import cors from "cors";
import supertokens from "supertokens-node";
import {middleware} from "supertokens-node/framework/express";

let app = express();

app.use(cors({
    // Placeholder: replace with the origin of your frontend
    origin: "<YOUR_WEBSITE_DOMAIN>",
    allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
    credentials: true,
}));

// IMPORTANT: CORS should be before the below line.
app.use(middleware());

// ...your API routes

This middleware adds a few APIs (see all the APIs here):

  • POST /auth/signinup/code: For starting the passwordless login/sign up process
  • POST /auth/signinup/code/resend: To generate and resend a code during an already started login/sign up process
  • POST /auth/signinup/code/consume: For finishing the passwordless login/sign up process
  • GET /auth/passwordless/email/exists: To check if an email is already signed up
  • GET /auth/passwordless/phonenumber/exists: To check if a phone number is already signed up
  • POST /auth/signinup: For signing up/signing in a user using a third-party provider.
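
Because the CORS setup above sets credentials: true, browsers apply stricter rules to the preflight response for these APIs. The check below is an added example, not part of the SuperTokens SDK or its documentation; checkPreflight, the sample origin and the sample header names are assumptions made for illustration.

```javascript
// Check a CORS preflight response against the rules browsers apply to
// credentialed (cookie-carrying) requests. Returns a list of problems.
function checkPreflight(origin, requestedHeaders, responseHeaders) {
  // Header names are case-insensitive, so normalise them to lower case.
  const res = {};
  for (const [name, value] of Object.entries(responseHeaders)) {
    res[name.toLowerCase()] = String(value).trim();
  }
  const problems = [];

  const allowOrigin = res["access-control-allow-origin"];
  if (allowOrigin === undefined) {
    problems.push("missing Access-Control-Allow-Origin");
  } else if (allowOrigin === "*") {
    problems.push("wildcard origin is rejected for credentialed requests");
  } else if (allowOrigin !== origin) {
    problems.push(`origin mismatch: got ${allowOrigin}`);
  }

  // The value must be the exact, case-sensitive string "true".
  if (res["access-control-allow-credentials"] !== "true") {
    problems.push("Access-Control-Allow-Credentials is not 'true'");
  }

  // With credentials, "*" in Allow-Headers is a literal name, not a wildcard.
  const allowed = new Set(
    (res["access-control-allow-headers"] || "")
      .split(",").map((h) => h.trim().toLowerCase()).filter(Boolean)
  );
  for (const h of requestedHeaders) {
    if (!allowed.has(h.toLowerCase())) problems.push(`header not allowed: ${h}`);
  }
  return problems;
}

// Constructed sample data. "rid" and "anti-csrf" are assumed stand-ins for
// the header names supertokens.getAllCORSHeaders() returns.
const ORIGIN = "https://app.example.com";
const REQUESTED = ["content-type", "rid", "anti-csrf"];
const GOOD = {
  "Access-Control-Allow-Origin": ORIGIN,
  "Access-Control-Allow-Credentials": "true",
  "Access-Control-Allow-Headers": "content-type,rid,anti-csrf",
};
const WEAK = { "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Headers": "*" };

console.log(checkPreflight(ORIGIN, REQUESTED, GOOD));
console.log(checkPreflight(ORIGIN, REQUESTED, WEAK));
```

Feed it the response headers captured from an OPTIONS request to one of the /auth routes; an empty list means the browser will accept the credentialed call.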

5) Add the SuperTokens error handler

Add the errorHandler AFTER all your routes, but BEFORE your own error handler.

import express from "express";
import {errorHandler} from "supertokens-node/framework/express";

const app = express();
// ...your API routes

// Add this AFTER all your routes
app.use(errorHandler());

// your own error handler
app.use((err: any, req: express.Request, res: express.Response, next: express.NextFunction) => {
    // ...your error handling logic
});

6) Set up the SuperTokens core

You now need to set up an instance of the SuperTokens core for your app (which your backend should connect to). You have two options: