tl;dr: same project settings, same OIDC credentials. Auth works on self hosted but not in cloud.
I have a project in my self hosted instance with a single web platform (Next.js) and I've configured OIDC as my authentication method which has been working fine for now. I was planning to migrate to Appwrite Cloud, but when I configured auth there with exactly the same credentials, authentication simply doesn't work (I didn't use the "Migrate to cloud" option, but still the auth settings are exactly the same).
Just as a general FYI I'm using the Appwrite SDK with provider: OAuthProvider.Oidc in account.createOAuth2Session as stated in the docs. But this is not related to the code itself, because the implementation is working fine in the self hosted instance.
When I log in using the cloud instance, I see the successful login in my IdP logs, but back in my app this is all I get:
There was an error processing your request. Please check the inputs and try again. (general_bad_request, 400)
Again, no changes in the code, no differences in the OIDC settings, everything exactly the same. I change the endpoint/projectId from self hosted to cloud and it stops working.
I don't see anything in the cloud instance that can let me check for logs or anything like that, and haven't found anything regarding OIDC not being available in my cloud instance in the docs. Am I missing something? Thanks! :)
Could be a third party cookie issue. Or maybe duplicate identity issue
Probably the duplicate identity issue
how would you suggest debugging this further?
The email address from the oidc provider. Is there a user with that email?
yes, of course. it’s working just fine in my self hosted instance
What if you log in in an incognito window?
I've tried from incognito and also different browsers, and the behavior is always the same:
- Auth is working great with self hosted instance
- Without making changes anywhere in the code, I only change Appwrite endpoint and project ID to cloud (with exactly the same auth settings configured in both instances)
- I get "There was an error processing your request. Please check the inputs and try again. (general_bad_request, 400)" back in my application when trying to authenticate (all this with a successful login in the log in my IdP, no session created in Appwrite)
Can you share your project id and the email address of the user in the oidc provider?
I just paid for a Pro plan and it started working 😆 Could this be related?
No I don't think so
I'll share the project id and the email address of the user in the oidc provider for the project that isn't working over DM in case you can check logs