Skip to content
Start building
Back

error when trying to create oauth2 session

  • 0
  • Accounts
  • Web
View on Discord
arpentnoir
17 Mar, 2023, 03:28
  • I have appwrite deployed to digital ocean, with CNAME record on netlify such that my appwrite instance is at admin.<thething>.io
  • I have an SPA hosted on netlify which is served at demo.<thething>.io
  • have oauth provider configured in appwrite (at the moment I'm using slack)

when I attempt to create an oauth2 session, I am redirected to the oauth provider, and then back to the SPA where I see this error:

TypeScript
{
  "message":"User (role: guests) missing scope (account)",
  "code":401,
  "type":"general_unauthorized_scope",
  "version":"1.2.0"}
TL;DR
The user is experiencing an error when trying to create an OAuth2 session. They suspect that their changes to allow requested scopes in the Slack config are not taking effect. They are also seeing an error message indicating that the user is missing the 'account' scope. The solution may involve checking network logs for the flow, ensuring that the response headers include set-cookie, and examining the configuration of the reverse proxy.
Drake
17 Mar, 2023, 03:39

Do you have a reverse proxy in front of Appwrite?

arpentnoir
17 Mar, 2023, 03:44

nope

Drake
17 Mar, 2023, 04:13

Can you turn on your network logger and inspect the network logs for the flow? You should look for the one that goes to Appwrite and ends with /redirect. Do the response headers include set-cookie?

arpentnoir
17 Mar, 2023, 04:30

doesn't look like it

TypeScript
HTTP/1.1 301 Moved Permanently
access-control-allow-credentials: true
access-control-allow-headers: Origin, Cookie, Set-Cookie, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Headers, Accept, X-Appwrite-Project, X-Appwrite-Key, X-Appwrite-Locale, X-Appwrite-Mode, X-Appwrite-JWT, X-Appwrite-Response-Format, X-SDK-Version, X-SDK-Name, X-SDK-Language, X-SDK-Platform, X-SDK-GraphQL, X-Appwrite-ID, Content-Range, Range, Cache-Control, Expires, Pragma
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
access-control-allow-origin: https://localhost
access-control-expose-headers: X-Fallback-Cookies
content-type: text/html
date: Fri, 17 Mar 2023 04:24:30 GMT
location: https://....io
server: Appwrite
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
x-debug-fallback: true
x-debug-speed: 0.61099410057068
x-ratelimit-limit: 50
x-ratelimit-remaining: 42
x-ratelimit-reset: 1679029200
content-length: 0
X-Firefox-Spdy: h2
Drake
17 Mar, 2023, 04:34

Are you sure the session was created successfully?

arpentnoir
17 Mar, 2023, 05:05

ok, I had something silly going on with routes, and yes, you're right, being returned back to failure endpoint.

I'm not clear on where to go next to see why this is failing. I suspect my changes to allow requested scopes in slack config not taking effect, cause it's complaining at me... going to switch to a different provider and see if that changes anything.

Drake
17 Mar, 2023, 05:29

You can try following this to get the output from the oauth provider. Maybe there's an error message that might be helpful: https://gist.github.com/stnguyen90/77ed3aea84213aea7986bbd360f8c20f

arpentnoir
17 Mar, 2023, 05:29

awesome, thanks @Steven

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more