Skip to content
Back

[SOLVED] session cookie not saving

  • 0
  • Resolved
  • 4
  • Self Hosted
  • Auth
darklordbazz
21 Oct, 2025, 18:03

it appears with my app hosted on Cloudflare worker pages, when i try to login it does not save the session cookie. however it saves in on localhost and no problems there

Version 1.7.4 self hosted

TL;DR
The issue with the session cookie not saving was due to a development key that was set in early development. Removing the dev key solved the problem.
21 Oct, 2025, 21:40

Do you see a session in your local storage? Naming similar to a_session_<PROJECT_ID>

21 Oct, 2025, 21:41

Does the domain your app use have the same root as your appwrite instance?

22 Oct, 2025, 04:13

Nothing stored

22 Oct, 2025, 04:14

Originally was api.cloud.example.com and app.example.com But tested with api.app.examole.com and still doesn't work

24 Oct, 2025, 03:55

i have since updated to 1.8.0 and issue still persists

24 Oct, 2025, 12:52

I'm not sure, <@462046107556511744> would you have any insight?

24 Oct, 2025, 13:42

Same problem for me. I use Appwrite at aw.domain.com and run the site via test.com. The whole thing works without any problems on the desktop and it also works on the Android phone under Chrome. But as soon as I use incognito mode or another phone, no cookie is saved, even though it is present in the response from the /callback. This means you are always guided through the auth process (through the programming on my side). The whole thing is very strange

24 Oct, 2025, 15:14

Can you inspect the response headers of the create email password session call and share the details?

24 Oct, 2025, 15:15

Test against api.app.example.com

24 Oct, 2025, 18:06

and I just tested against a self-hosted 1.8.0 using curl and I see the response header as expected:

24 Oct, 2025, 18:07

the command:

TypeScript
curl -i -H 'X-Appwrite-Project: <PROJECT_ID>' -H 'Content-Type: application/json' https://<ENDPOINT>/account/sessions/email -d '{"email": "<EMAIL>", "password": "<PASSWORD>"}'
24 Oct, 2025, 18:24
24 Oct, 2025, 18:30

corrected domain to the one you wanted me to run

24 Oct, 2025, 18:42

so it looks like the cookie is being returned in the header as expected. as well as the fallback cookie

24 Oct, 2025, 18:43

so everything looks fine on Appwrite side

24 Oct, 2025, 18:44

everything works fine in localhost and when using the ip of my dev web server, only doesnt work when on prod with cloudflare pages

24 Oct, 2025, 19:03

so did some more testing, only doesnt work when it has an actual domain, ips work fine no matter where i put it

but as soon as i have it use a domain, it breaks

24 Oct, 2025, 19:03

could this be an issue with nginx proxy manager

24 Oct, 2025, 19:04

all domain are under integrations

24 Oct, 2025, 19:04

Do you have the website on the ip and Appwrite via a domain then? I think, I had the problem the same way.

24 Oct, 2025, 19:05

so appwrite is on api.cloud.example.com and app on any domain ive tested doesnt work but on any ip it works

appwrite is being a NPM proxy app with a domain has been behind a NPM or cloudflare proxy

24 Oct, 2025, 19:07

Yep... Same here. What about different browsers and between desktop and mobile?

24 Oct, 2025, 19:07

tried all that

24 Oct, 2025, 19:41

make sure you're forwarding to Appwrite using HTTPS

Reply

Reply to this thread by joining our Discord

Reply on Discord

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more