https://supertokens.com/ logo
Join Discord
Powered by
I am trying to call an api on client side, the coo...
# support-questions-legacy
a
I am trying to call an api on client side, the cookies aren't there in the api, thus it responds 440, I tried calling it on the server side the api worked fine and returns a status of 200 the cookies are available in that case
r
hey @abhisheksinghkapoor - whats the question here?
a
So basically I have session api that runs on refreshing of the page and get the user details from the backend
when i call the api on the client-side(on refresh) it fails to fetch the data and the acesstoken, sidrefreshtoken and refreshtoken happens to be missing, but they are present when the api is called on the server side i.e. by click of a button
r
ah i see. Cause the domains won't match then.. what are the web server and API server's domain values?
a
Not sure how to log domain details for a client side api, the domain initially is api.classcardapp.com
r
there should be a config on the backend to set cookie domain for the cookies - set that to 
.classcardapp.com
i don't recall what the name is, since you are using a really old version of the SDK
a
it should be for the clientside api itself right?
r
where the refresh API exists
so where the login API happens
a
Got confirmation from thhe backend team it is already set
r
when the login API is called, and the cookies is sent to the frontend (via set-cookie header), what is the full header value? You can send a screenshot
a
these are the request headers
r
the domain is not set to 
.classcard.app
- as you can clearly see
so please check the backend impl
a
My bad, on it
Had a word with the backend team, they told me that .classcardapp.com isn't a domain
r
thats the value that needs to be set for 
cookieDomain
in the session.init
it is a valid domain for cookies setting
(these docs are for the newer versions of the SDK)
a
ok
do we need to append the recipeList:[ ] and then use the session Init?
r
no.
just in backend init, there will be an optional like cookie domain or something
a
okk
hey the domain is actually correct
on .classcardapp.com there is nothing
and it isn't a real domain
r
no i mean if you set it to that, the cookies will be sent to any sub domain of classcardapp.com -> isn't that what you want?
a
Yes, so basically I am getting them on signup but not on reload
even if there is no such domain can we set it to that and test?
I am not sure that would work
r
i think you should read up about cookie domain setting
a
ok
@rp_st one last question, how come the api works with the same configuration on the server side? I am trying to access the same endpoint using domain as api.classcardapp.com but fails at the client-side
From what I feel the cookies are missing on the client-side call
r
whats the client domain?
a
Not sure on how to log the client-side api call, give me sometime @rp_st
The domain is same @rp_st just got the confirmation from backend as the base url are same
r
same as? Can you send me the value?
a
api.classcardapp.com
this is the domain for the cookies throughout the code
r
right yea, but whats your frontend domain?
a
the baseURL?
r
the website domain
the domain on which your users see the UI
a
Yes we do have that and it is set to app.classcardapp.com
r
and also, what are the request headers for the API in which cookies are not being sent?
a
Well the api is client-side
it can't be seen inthe network log
r
i don't understand what that means
api is client side?
a
the api call sorry* that means it won't appear in the network log
r
why not?
if the browser makes the API call, it will show up in the network logs right?
a
The api is set private so it won't actually
r
not sure what that means
Can we discuss this over a call sometime next week?
a
Yes sure
r
will be easier
thanks
next thursday / fri works well for me
so ping me here those days and we can setup a call
a
Could it be monday?
r
im quite busy on monday
keep in mind, this is free support you are getting 🙂
hope you understand.
in the meantime, if you can somehow show me the request headers for the API call being made, we can try and debug on chat here
or describe exactly whats happening in detail, along with clear domain names, that would help too
a
I understand thank you, I will talk to my senior once, he will join the thread
I will try to catch out on prerequisites in the meanwhile for request headers
r
sounds good
thanks
a
Thanks for support, have a great weekend sir
r
to you too 🙂
3 Views
PreviousNext
Powered by