Fetch User for Token Based Authentication does not work for server side APIs

There is a flag for REST API requests called “Make this request through a server” and it works great. I am working with an API where this needs to be selected for all requests.

Now a problem I have is that the Fetch User action for Token Based Auth doesn’t have a flag to check this flag which is causing a blocker for me using the token-based auth plugin.

What does anyone suggest? Is WeWeb right in restricting this flag?

I have created a workflow to show Fetch User doesn’t work but manually getting a user and refreshing a token does work if I configure the actions manually.

What is the error? Is it something related to CORS?

If yes, are you in control of the endpoint you are calling?

If yes you can add proper handling of CORS in your backend.

If no as a workaround you can add another endpoint on your backend that will proxy the request to the real endpoint and will return the response with the correct handling of CORS.

See also this related topic.

I am not in control of the endpoint but I can inform them of what change to make. Is it a case of adding WeWeb’s IP address as an allowed host from the code level then this should sort things?

It depends on the error you get.
Open the developer tools in the browser and check te console. If it is related to CORS then you can have a look to the links of the previous post.

I think you are right with this comment from the above link

Looks like the preflight request is failing because the backend is responding with 2 values for ‘Access-Control-Allow-Origin’. It should be just * instead of *,*

I will let them know :slight_smile: thanks!

it looks more like the ‘Access-Control-Allow-Origin’ header is missing.

Yea it was. All fixed now :slight_smile: Thank you

1 Like