https://supertokens.com/ logo
Title
a

abhisheksinghkapoor

11/04/2022, 10:23 AM
I am trying to call an api on client side, the cookies aren't there in the api, thus it responds 440, I tried calling it on the server side the api worked fine and returns a status of 200 the cookies are available in that case
r

rp

11/04/2022, 10:30 AM
hey @abhisheksinghkapoor - whats the question here?
a

abhisheksinghkapoor

11/04/2022, 10:32 AM
So basically I have session api that runs on refreshing of the page and get the user details from the backend
when i call the api on the client-side(on refresh) it fails to fetch the data and the acesstoken, sidrefreshtoken and refreshtoken happens to be missing, but they are present when the api is called on the server side i.e. by click of a button
r

rp

11/04/2022, 10:34 AM
ah i see. Cause the domains won't match then.. what are the web server and API server's domain values?
a

abhisheksinghkapoor

11/04/2022, 10:37 AM
Not sure how to log domain details for a client side api, the domain initially is api.classcardapp.com
r

rp

11/04/2022, 10:37 AM
there should be a config on the backend to set cookie domain for the cookies - set that to
.classcardapp.com
i don't recall what the name is, since you are using a really old version of the SDK
a

abhisheksinghkapoor

11/04/2022, 10:38 AM
it should be for the clientside api itself right?
r

rp

11/04/2022, 10:39 AM
where the refresh API exists
so where the login API happens
a

abhisheksinghkapoor

11/04/2022, 10:41 AM
Got confirmation from thhe backend team it is already set
r

rp

11/04/2022, 10:43 AM
when the login API is called, and the cookies is sent to the frontend (via set-cookie header), what is the full header value? You can send a screenshot
a

abhisheksinghkapoor

11/04/2022, 10:46 AM
these are the request headers
r

rp

11/04/2022, 10:48 AM
the domain is not set to
.classcard.app
- as you can clearly see
so please check the backend impl
a

abhisheksinghkapoor

11/04/2022, 10:49 AM
My bad, on it
Had a word with the backend team, they told me that .classcardapp.com isn't a domain
r

rp

11/04/2022, 11:19 AM
thats the value that needs to be set for
cookieDomain
in the session.init
it is a valid domain for cookies setting
(these docs are for the newer versions of the SDK)
a

abhisheksinghkapoor

11/04/2022, 11:20 AM
ok
do we need to append the recipeList:[ ] and then use the session Init?
r

rp

11/04/2022, 11:21 AM
no.
just in backend init, there will be an optional like cookie domain or something
a

abhisheksinghkapoor

11/04/2022, 11:22 AM
okk
hey the domain is actually correct
on .classcardapp.com there is nothing
and it isn't a real domain
r

rp

11/04/2022, 11:38 AM
no i mean if you set it to that, the cookies will be sent to any sub domain of classcardapp.com -> isn't that what you want?
a

abhisheksinghkapoor

11/04/2022, 11:39 AM
Yes, so basically I am getting them on signup but not on reload
even if there is no such domain can we set it to that and test?
I am not sure that would work
r

rp

11/04/2022, 11:39 AM
i think you should read up about cookie domain setting
a

abhisheksinghkapoor

11/04/2022, 11:40 AM
ok
@rp one last question, how come the api works with the same configuration on the server side? I am trying to access the same endpoint using domain as api.classcardapp.com but fails at the client-side
From what I feel the cookies are missing on the client-side call
r

rp

11/04/2022, 11:48 AM
whats the client domain?
a

abhisheksinghkapoor

11/04/2022, 11:53 AM
Not sure on how to log the client-side api call, give me sometime @rp
The domain is same @rp just got the confirmation from backend as the base url are same
r

rp

11/04/2022, 12:27 PM
same as? Can you send me the value?
a

abhisheksinghkapoor

11/04/2022, 12:29 PM
api.classcardapp.com
this is the domain for the cookies throughout the code
r

rp

11/04/2022, 12:29 PM
right yea, but whats your frontend domain?
a

abhisheksinghkapoor

11/04/2022, 12:29 PM
the baseURL?
r

rp

11/04/2022, 12:30 PM
the website domain
the domain on which your users see the UI
a

abhisheksinghkapoor

11/04/2022, 12:30 PM
Yes we do have that and it is set to app.classcardapp.com
r

rp

11/04/2022, 12:30 PM
and also, what are the request headers for the API in which cookies are not being sent?
a

abhisheksinghkapoor

11/04/2022, 12:31 PM
Well the api is client-side
it can't be seen inthe network log
r

rp

11/04/2022, 12:31 PM
i don't understand what that means
api is client side?
a

abhisheksinghkapoor

11/04/2022, 12:31 PM
the api call sorry* that means it won't appear in the network log
r

rp

11/04/2022, 12:31 PM
why not?
if the browser makes the API call, it will show up in the network logs right?
a

abhisheksinghkapoor

11/04/2022, 12:34 PM
The api is set private so it won't actually
r

rp

11/04/2022, 12:34 PM
not sure what that means
Can we discuss this over a call sometime next week?
a

abhisheksinghkapoor

11/04/2022, 12:34 PM
Yes sure
r

rp

11/04/2022, 12:34 PM
will be easier
thanks
next thursday / fri works well for me
so ping me here those days and we can setup a call
a

abhisheksinghkapoor

11/04/2022, 12:35 PM
Could it be monday?
r

rp

11/04/2022, 12:35 PM
im quite busy on monday
keep in mind, this is free support you are getting 🙂
hope you understand.
in the meantime, if you can somehow show me the request headers for the API call being made, we can try and debug on chat here
or describe exactly whats happening in detail, along with clear domain names, that would help too
a

abhisheksinghkapoor

11/04/2022, 12:38 PM
I understand thank you, I will talk to my senior once, he will join the thread
I will try to catch out on prerequisites in the meanwhile for request headers
r

rp

11/04/2022, 12:38 PM
sounds good
thanks
a

abhisheksinghkapoor

11/04/2022, 12:39 PM
Thanks for support, have a great weekend sir
r

rp

11/04/2022, 12:39 PM
to you too 🙂