Which frontend SDK do you use?

supertokens-web-js / mobile

supertokens-auth-react

Disabling APIs

NodeJS

To disable the API entirely, all you need to do is override the api implementation as undefined.

For example, if you want to disable the consume code API, all you do is:

import SuperTokens from "supertokens-node";
import ThirdPartyPasswordless from "supertokens-node/recipe/thirdpartypasswordless";

SuperTokens.init({
    appInfo: {
        apiDomain: "...",
        appName: "...",
        websiteDomain: "..."
    },
    recipeList: [
        ThirdPartyPasswordless.init({
            contactMethod: "EMAIL", // This example will work with any contactMethod
            flowType: "USER_INPUT_CODE_AND_MAGIC_LINK", // This example will work with any flow.
            override: {
                apis: (originalImplementation) => {
                    return {
                        ...originalImplementation,
                        consumeCodePOST: undefined, // disable sign in & up with passwordless
                        thirdPartySignInUpPOST: undefined, // disable sign in & up with third party
                    }
                }
            }
        })
    ]
});

GoLang

To disable an API entirely, all you need to do is override the api implementation with nil.

For example, if you want to disable the consume code api from this recipe, all you do is this:

import (
    "github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
    "github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless/tplmodels"
    "github.com/supertokens/supertokens-golang/supertokens"
)

func main() {
    supertokens.Init(supertokens.TypeInput{
        RecipeList: []supertokens.Recipe{
            thirdpartypasswordless.Init(tplmodels.TypeInput{
                Override: &tplmodels.OverrideStruct{
                    APIs: func(originalImplementation tplmodels.APIInterface) tplmodels.APIInterface {

                        //First we copy the original impl
                        newImplementation := originalImplementation

                        // We disable the sign in and sign up APIs
                        newImplementation.ConsumeCodePOST = nil
                        newImplementation.ThirdPartySignInUpPOST = nil

                        return newImplementation
                    },
                },
            }),
        },
    })
}

Python

To disable an API entirely, all you need to do is override the api disable bool value to True.

For example, if you want to disable the consume code api from this recipe, all you do is this:

from supertokens_python import init, InputAppInfo
from supertokens_python.recipe import thirdpartypasswordless
from supertokens_python.recipe.thirdpartypasswordless.interfaces import APIInterface

def apis_override(original_impl: APIInterface):
    original_impl.disable_consume_code_post = True
    original_impl.disable_thirdparty_sign_in_up_post = True
    return original_impl

init(
    app_info=InputAppInfo(api_domain="...", app_name="...", website_domain="..."),
    framework='...', 
    recipe_list=[
        thirdpartypasswordless.init(
            flow_type="...", 
            contact_config=...,  
            override=thirdpartypasswordless.InputOverrideConfig(
                apis=apis_override
            )
        )
    ]
)

important

You then need to define your own routes that will handle this API call. You can see the Frontend driver interface API spec here