Skip to main content

Password managers

Styling encapsulation relies on the "shadow DOM" browser feature.

Unfortunately, password managers such as Dashlane, LastPass, OnePassword, etc do not detect authentication forms fields inside shadow DOMs.

Therefore, if you would like to make sure that your end users can use their password managers, you will have to disable shadow DOM.

import SuperTokens from "supertokens-auth-react";
import ThirdPartyEmailPassword from "supertokens-auth-react/recipe/thirdpartyemailpassword";

SuperTokens.init({
appInfo: {
apiDomain: "...",
appName: "...",
websiteDomain: "..."
},
recipeList: [
ThirdPartyEmailPassword.init({
useShadowDom: false
})
]
});
Demo of a password manager working with prebuilt UI when shadow DOM is disabled
caution
  • SuperTokens uses a special attribute to define its styling so disabling shadow DOM should not impact the rest of your application's styles. On the other hand, when disabling Shadow DOM, make sure to verify that your CSS does not impact how SuperTokens UI is rendered.
  • Shadow DOM will always be disabled with Internet Explorer since it does not support it. Similarly, if you intend to support Internet Explorer for your application make sure to verify how SuperTokens UI is rendered.
Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react