Skip to main content

User Creation

Passwordless Migration#

To migrate a Passwordless user you from your previous authentication provider to SuperTokens, you will first need to generate a code for the user and then call the consume code API.

Generate passwordless code#

With Email

curl --location --request POST '/recipe/signinup/code' \--header 'api-key: <YOUR_API_KEY>' \--header 'Content-Type: application/json' \--data-raw '{    "email": "johndoe@example.com"}'

With Phone Number


curl --location --request POST '/recipe/signinup/code' \--header 'api-key: <YOUR_API_KEY>' \--header 'Content-Type: application/json' \--data-raw '{    "phoneNumber": "+14155552671"}'

On successfully generating the passwordless code you should see the following response

{    "status": "OK",    "preAuthSessionId": "d3Zpa9eoyV2Wr7uN5DLr6H1clzbwwGTc_0wIIXJT55M=",    "codeId": "4fe93f8e-a5da-4588-82e2-314c6993b345",    "deviceId": "+cWm1Y2EFxEPyHM7CAwYyAdkakBeoEDm6IOGT3xfa1U=",    "userInputCode": "463152",    "linkCode": "UlEb3-gbIYow61ce6RNzghkGN8qcHkpRwbhHbvMEjxY=",    "timeCreated": 1664283193059,    "codeLifetime": 900000}

Consume the passwordless code to create the passwordless user#

Retrieve the preAuthSessionId and linkCode from the previous response and set them as request body parameters for the consume code request.

curl --location --request POST '/recipe/signinup/code/consume' \--header 'api-key: <YOUR_API_KEY>' \--header 'Content-Type: application/json' \--data-raw '{    "preAuthSessionId": "d3Zpa9eoyV2Wr7uN5DLr6H1clzbwwGTc_0wIIXJT55M=",    "linkCode": "UlEb3-gbIYow61ce6RNzghkGN8qcHkpRwbhHbvMEjxY="}'

If the user has both email and password associated with them, then you can call the update user API to associate the missing information

curl --location --request PUT '/recipe/user' \--header 'api-key: <YOUR_API_KEY>' \--header 'rid: passwordless' \--header 'Content-Type: application/json' \--data-raw '{  "userId": "fa7a0841-b533-4478-95533-0fde890c3483",  "email": "johndoe@gmail.com",  "phoneNumber": "+14155552671"}'

ThirdParty Migration#

To migrate users with social accounts we can simply call the SuperTokens Core's signInUp API with the provider Id and the user's third party userId.

For example:

If we were importing a user with Google as their provider with their third party userId being 106347997792363870000, we can run the following curl command to import the user. 

curl --location --request POST '/recipe/signinup' \--header 'api-key: <YOUR_API_KEY>' \--header 'Content-Type: application/json' \--data-raw '{  "thirdPartyId": "google",  "thirdPartyUserId": "106347997792363870000",  "email": {    "id": "johndoe@gmail.com"  }}'
Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react