Skip to main content

User Creation

Passwordless Migration#

To migrate a Passwordless user you from your previous authentication provider to SuperTokens, you will first need to generate a code for the user and then call the consume code API.

Generate passwordless code#

With Email

curl --location --request POST '/recipe/signinup/code' \
--header 'api-key: ' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "johndoe@example.com"
}'

With Phone Number


curl --location --request POST '/recipe/signinup/code' \
--header 'api-key: ' \
--header 'Content-Type: application/json' \
--data-raw '{
"phoneNumber": "+14155552671"
}'

On successfully generating the passwordless code you should see the following response

{
"status": "OK",
"preAuthSessionId": "d3Zpa9eoyV2Wr7uN5DLr6H1clzbwwGTc_0wIIXJT55M=",
"codeId": "4fe93f8e-a5da-4588-82e2-314c6993b345",
"deviceId": "+cWm1Y2EFxEPyHM7CAwYyAdkakBeoEDm6IOGT3xfa1U=",
"userInputCode": "463152",
"linkCode": "UlEb3-gbIYow61ce6RNzghkGN8qcHkpRwbhHbvMEjxY=",
"timeCreated": 1664283193059,
"codeLifetime": 900000
}

Consume the passwordless code to create the passwordless user#

Retrieve the preAuthSessionId and linkCode from the previous response and set them as request body parameters for the consume code request.

curl --location --request POST '/recipe/signinup/code/consume' \
--header 'api-key: ' \
--header 'Content-Type: application/json' \
--data-raw '{
"preAuthSessionId": "d3Zpa9eoyV2Wr7uN5DLr6H1clzbwwGTc_0wIIXJT55M=",
"linkCode": "UlEb3-gbIYow61ce6RNzghkGN8qcHkpRwbhHbvMEjxY="
}'

If the user has both email and password associated with them, then you can call the update user API to associate the missing information

curl --location --request PUT '/recipe/user' \
--header 'api-key: ' \
--header 'rid: passwordless' \
--header 'Content-Type: application/json' \
--data-raw '{
"userId": "fa7a0841-b533-4478-95533-0fde890c3483",
"email": "johndoe@gmail.com",
"phoneNumber": "+14155552671"
}'

ThirdParty Migration#

To migrate users with social accounts we can simply call the SuperTokens Core's signInUp API with the provider Id and the user's third party userId.

For example:

If we were importing a user with Google as their provider with their third party userId being 106347997792363870000, we can run the following curl command to import the user.

curl --location --request POST '/recipe/signinup' \
--header 'api-key: ' \
--header 'Content-Type: application/json' \
--data-raw '{
"thirdPartyId": "google",
"thirdPartyUserId": "106347997792363870000",
"email": {
"id": "johndoe@gmail.com"
}
}'