We have a similar scenario. We use OAuth to authenticate with a resource. When using the retool editor / app, the user is able to use our OAuth flow to authenticate to the OpenAPI resource that we have configured and everything works fine. When we use Retool embed with an embed url (that we obtained from making a call on our backend to /api/embed-url/external-user), we get the error Here is the error: JsonWebTokenError: jwt must be provided displayed in the embed frame. We are using the self hosted option. Note that if I open up our retool app and have already authenticated the resource and then refresh the page that has the embed url, it will work fine (because it is already authenticated), but the whole point of embed for us is to make sure that users don't have to login twice. So this at least means the url is valid ... it's just the authentication piece that's not working for embed. Also, I notice that when the retool app is open on its own, when authentication is attempted and viewing the network traffic to retool, a call is made to POST /api/obtainAuthorizationToken that completes with a 200. When the same app is running in embed, the retool call to POST /api/obtainAuthorizationToken fails out with a 401. This seems like maybe a bug within retool?
1 Like