Back
Authentication issues with appwrite on custom domain
Hello, I’m self-hosting Appwrite v1.8.0 and have been running into persistent authentication issues when accessing the API through my custom domain. I am unable to sign in/sign up to my frontend application using that domain, although it works fine if i use the IP of my appwrite instance.
Appwrite version 1.8.0 hosted in a VM, reverse proxied with Nginx running through a cloudflare tunnel. Appwrite .env:
TypeScript
_APP_LOCALE=en
_APP_OPTIONS_ABUSE=enabled
_APP_OPTIONS_FORCE_HTTPS=disabled
_APP_OPTIONS_FUNCTIONS_FORCE_HTTPS=disabled
_APP_OPTIONS_ROUTER_FORCE_HTTPS=disabled
_APP_OPTIONS_ROUTER_PROTECTION=disabled
_APP_DOMAIN=domain.com
_APP_CUSTOM_DOMAIN_DENY_LIST=example.com,test.com,app.example.com
_APP_DOMAIN_FUNCTIONS=functions.localhost
_APP_DOMAIN_SITES=sites.localhost
_APP_DOMAIN_TARGET_CNAME=domain.com
_APP_DOMAIN_TARGET_AAAA=::1
_APP_DOMAIN_TARGET_A=127.0.0.1
_APP_DOMAIN_TARGET_CAA=
_APP_DNS=8.8.8.8
_APP_CONSOLE_WHITELIST_ROOT=enabled
_APP_CONSOLE_WHITELIST_EMAILS=
_APP_CONSOLE_WHITELIST_IPS=
_APP_CONSOLE_HOSTNAMES=domain.com```
On my project .env i have ```NEXT_PUBLIC_APPWRITE_ENDPOINT="https://domain.com/v1"```
Running domain.com/v1/health in my browser gives me ```{"message":"User (role: guests) missing scopes ([\"health.read\"])","code":401,"type":"general_unauthorized_scope","version":"1.8.0"}```
Any ideas for fixing this would be much appreciated.
TL;DR
Developers self-hosting Appwrite version 1.8.0 are facing authentication issues accessing the API via a custom domain. The problem is specific to the domain, as using the IP address works fine. The issue seems related to missing scopes when using the custom domain. A solution could involve checking and adjusting the scopes and permissions for the domain in Appwrite settings.