Skip to main content

2. Backend config

1) Create Lambda layer with required libraries#

mkdir lambda && cd lambda

npm i -s supertokens-node @middy/core @middy/http-cors
mdkir nodejs && cp -r node_modules nodejs
zip -r supertokens-node.zip nodejs/

2) Upload SuperTokens lambda layer#

  • Open AWS Lambda dashboard and click on layers:

  • Click "Create Layer" button:

  • Give a name for your layer, upload the zip and select the runtime

3) Link lambda layer with lambda function#

  • Scroll to the bottom and look for the Layers tab. Click on Add a layer

  • Select Custom Layer and then select the layer we created in the first step:

4) Create a backend config file#

Using the editor provided by AWS, create a new config file and write the following code:

config.js

import ThirdPartyEmailPassword from 'supertokens-node/recipe/thirdpartyemailpassword';
import Session from 'supertokens-node/recipe/session'

function getBackendConfig() {
  return {
    framework: "awsLambda",
    supertokens: {
      connectionURI: "",
      apiKey: "",
    },
    appInfo: {
      // learn more about this on https://supertokens.com/docs/emailpassword/appinfo
      appName: "<YOUR_APP_NAME>",
      apiDomain: "<YOUR_API_DOMAIN>",
      websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
      apiBasePath: "/auth",
      websiteBasePath: "/auth",
      apiGatewayPath: "/dev"
    },
    recipeList: [
      ThirdPartyEmailPassword.init({
        providers: [
          // We have provided you with development keys which you can use for testing.
          // IMPORTANT: Please replace them with your own OAuth keys for production use.
          ThirdPartyEmailPassword.Google({
            clientId: "1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",
            clientSecret: "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",
          }),
          ThirdPartyEmailPassword.Github({
            clientId: "467101b197249757c71f",
            clientSecret: "e97051221f4b6426e8fe8d51486396703012f5bd",
          }),
          ThirdPartyEmailPassword.Apple({
            clientId: "4398792-io.supertokens.example.service",
            clientSecret: {
                keyId: "7M48Y4RYDL",
                privateKey: "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",
                teamId: "YWQCXGJRJL",
            },
          }),
          // ThirdPartyEmailPassword.Facebook({
          //   clientSecret: "FACEBOOK_CLIENT_SECRET",
          //   clientId: "FACEBOOK_CLIENT_ID",
          // })
        ]
      }),
      Session.init(),
    ],
    isInServerlessEnv: true,
  }
}

module.exports.getBackendConfig = getBackendConfig;
important

In the above code, notice the extra config of apiGatewayPath that was added to the appInfo object. The value of this should be whatever you have set as the value of your AWS stage which scopes your API endpoints. For example, you may have a stage name per dev environment:

  • One for development (/dev).
  • One for testing (/test).
  • One for prod (/prod).

So the value of apiGatewayPath should be set according to the above based on the env it's running under.

You also need to change the apiBasePath on the frontend config to append the stage to the path. For example, if the frontend is query the development stage and the value of apiBasePath is /auth, you should change it to /dev/auth.

Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react