Hey guys did anyone faced an issue where you call ...
# generalk
khan
03/22/2024, 4:24 AMHey guys did anyone faced an issue where you call the
Copy code
session.signOut()r
rp_st
03/22/2024, 4:34 AMHey @khan
rp_st
03/22/2024, 4:34 AMThis happens if you have a misconfiguration and the session tokens. Aren’t being passed in the request
k
khan
03/22/2024, 4:35 AMconfigs on the frontend side or on the backend side
r
rp_st
03/22/2024, 4:35 AMCould be either
rp_st
03/22/2024, 4:35 AMBut most likely frontend
k
khan
03/22/2024, 4:36 AMalright thanks I will debug that
khan
03/22/2024, 4:43 AM@rp_st could you advise on the configs a bit. I am using the builtin feature from supertokens I just tested locally its fine. But when deploy to vercel (frontend) and supertokens (digital ocean) which runs with nginx as proxy. The login works fine but not the logout
khan
03/22/2024, 4:43 AMAPI_DOMAIN = digital ocean link
WEB_DOMAIN = vercel deployment link
r
rp_st
03/22/2024, 4:44 AMCan I see the sign in api response headers?
rp_st
03/22/2024, 4:44 AMScreenshot will do
k
khan
03/22/2024, 4:44 AMsure one sec
khan
03/22/2024, 4:47 AMr
rp_st
03/22/2024, 4:47 AMright. Can you hover on the orange triangle? what does it say/
k
khan
03/22/2024, 4:48 AMr
rp_st
03/22/2024, 4:48 AMyup.
rp_st
03/22/2024, 4:49 AMSO if you want to contniue to use httpOnly cookies, you need to make the website and api domain on the same base domain, or else, switch to using header based auth instead of cookie (search in our docs for "token transfer method")
k
khan
03/22/2024, 4:51 AMAlright thanks for the info, I will check that. But if we want to use the cookie based flow there is no other way around except using same base domain
r
rp_st
03/22/2024, 4:53 AMyea, unfortunately not. Browsers don't like that
k
khan
03/22/2024, 4:55 AMAlright, thanks for the help