🐛 Bug Report: "Invalid success param: URL host must be one of ...
#7255
Comments
|
@erdkse, thanks for creating this issue! 🙏 Have you created a web platform with the same hostname as the success url you're trying? |
|
Yes @stnguyen90, email session work well on my actual domain, but there is another issue with the hostname, If I add only the domain I am not able to create an email session too, I have to add hostname with wildcard as To summarize again;
And the error message says that. The success URL must be one of If I change Web platform hostname to It looks like my Request Headers' origin and the rest are correct when I send request from domain Note: There is no issue when creating OAuth or Email session on localhost. |
|
I also facing exact same issue. My hosting and usage environment is similar to above. I am also getting the following message: |
|
@erdkse, thanks for the details. It should work if you put an exact match for the domain your app is running on and the web platform. For example, if my app is running on app.example.com, I would put app.example.com as the web platform. In addition, my success url for the create OAuth2 session API call would be something like
Can you share request logs for the create email session API call? Maybe something else caused it to fail. Btw, there is a problem in which wildcards are not honored when validating URLs in params like the success URL. That issue is here: #6322 (comment). |
|
@optionedge, are you still seeing the error? FYI, I'll need to close this due to inactivity soon. |
|
Sorry @stnguyen90, I have some unexpected things to do so I am not able to share logs for the next 2-3 days. Yes, I am still having the issue but I was able to solve the problem for both login methods by adding I will share the logs as soon as I find the chance. |
|
@stnguyen90 If I put exact domain, in web platform and put the same in success url for oauth then it works, however then email login stopped working because of cors issue: This is my current scenario:
As soon as I change the host on web platform to '*' email login works properly, then it breaks the oAuth.
I have currently disabled the oauth and using only email auth. Not sure how to get around the above issue. |
|
@erdkse, did you add an additional web platform for your site? Seeing as you have 2 websites accessing your Appwrite project, you should have 2 web platforms with the matching hostname. |
|
hey @stnguyen90, no I have only 1 platform to reach the project, the other hostname is responsible for reaching to appwrite in general or to the other projects inside appwrite. But I solved my problem only by adding "www" in front of my hostname. Now I am able to handle both email and OAuth authentication without any issue. |
|
hey, I am also experiencing a similar issue; it does not work in the development debug mode (localhost). Is it not possible to set localhost as the redirect destination? The error message seems to suggest that localhost is allowed. The web application is running locally, and Appwrite is operating on a separate server under a global domain. As shown in the image, I have already added it to the platform, and there are no CORS issues. |
Ah, I've resolved it myself. It seems that the address specified in the successURL must end with a slash.
|
👟 Reproduction steps
I am a self-hosted user. I installed appwrite with domain 'A' and created an application and added another domain 'B' as custom domain to project to support OAuth login.
When I try to login via Google I receive this error.
I configured SDK platform hostname correctly and I am sending right redirect urls on success and fail cases when logging in.
👍 Expected behavior
It should succesfully login.
👎 Actual Behavior
It throws an error for misconfiguration.
🎲 Appwrite version
Version 1.4.x
💻 Operating system
Linux
🧱 Your Environment
I use Appwrite v1.4.9 on docker-compose. There is no customization.
I am using Web SDK v13.0.1
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
The text was updated successfully, but these errors were encountered: