https://supertokens.com/ logo
#support-questions
Title
# support-questions
w

wdjzr

07/02/2022, 5:58 PM
What could be the culprit?
Everything else works, like signin, protected api routes etc
r

rp

07/02/2022, 5:59 PM
Hmmm
Can you enable debug logging on the backend and show the logs for the refresh API?
w

wdjzr

07/02/2022, 6:00 PM
I delete the access token cookie and try an api route, after I get a 401, my refresh token and other cookies get deleted
Sure, let me do that
This is the relevant part
r

rp

07/02/2022, 6:05 PM
right. So it's possible that nginx is not forwarding the refresh token cookie to the server?
w

wdjzr

07/02/2022, 6:06 PM
The client gets the refresh token for sure, I am not sure if it gets back to server
But after the 401, all of my cookies get deleted
r

rp

07/02/2022, 6:06 PM
can i see the request headers being sent from the browser?
when the refresh API call is made
w

wdjzr

07/02/2022, 6:08 PM
Mm yea
r

rp

07/02/2022, 6:08 PM
hmm the refresh token is missing
w

wdjzr

07/02/2022, 6:08 PM
sIdrefresh is there but the token is not
Weird
r

rp

07/02/2022, 6:08 PM
can you logout, login and try again?
maybe you manually deleted the refresh token as well by mistake
w

wdjzr

07/02/2022, 6:09 PM
Same outcome
r

rp

07/02/2022, 6:09 PM
can i see the response headers in the login API?
w

wdjzr

07/02/2022, 6:09 PM
I just deleted the access token
Sure
r

rp

07/02/2022, 6:12 PM
so the refresh token is being sent
i mean the client is getting it
w

wdjzr

07/02/2022, 6:12 PM
Yes, its there
r

rp

07/02/2022, 6:12 PM
the path that it will be sent to is
/api/auth/session/refresh
does that match the refresh API path? When that API is being called?
w

wdjzr

07/02/2022, 6:13 PM
Yes
Well actually, to /backend/api/auth/session/refresh
But that /backend part is the nginx proxy
r

rp

07/02/2022, 6:14 PM
right.. so that's the issue
w

wdjzr

07/02/2022, 6:14 PM
The login, signout also goes thru that
r

rp

07/02/2022, 6:14 PM
whats the apiBasePath that you have set on the frontend?
w

wdjzr

07/02/2022, 6:15 PM
/backend/api/auth
r

rp

07/02/2022, 6:15 PM
and on the backend?
w

wdjzr

07/02/2022, 6:15 PM
base path is /api/auth and api domain is
APIDomain:     "https://localhost/backend"
Ahhh
Let me try localhost as the domain and backend/api as the path
Now I just get 404s, login stopped working too
I will try frontend domain with localhost/backend
I guess that may work
r

rp

07/02/2022, 6:20 PM
actually, the apiBasePath should be /api/auth, but add another config called apiGatewayPath which should be
/backend
w

wdjzr

07/02/2022, 6:21 PM
For frontend or backend?
r

rp

07/02/2022, 6:21 PM
backend
w

wdjzr

07/02/2022, 6:21 PM
This is also kinda weird, let me show you this
Now I set apiDomain: "https://localhost/backend", on frontend and the basePath is /api/auth
But the sdk is making requests to localhost/api/... instead
It makes sense if it only accepts domains without paths
Trying this now
It worked! ❤️
r

rp

07/02/2022, 6:26 PM
ok great!
w

wdjzr

07/02/2022, 6:26 PM
Sorry for bruteforcing the solution
Did not see the apigateway in the guides but I shouldve just checked the struct in the SDK
Thanks a lot ❤️