API Gateway Redirection

Hello,

I am running into an issue getting Retool to access a Google Cloud Run backend that is hidden behind a Google Cloud API Gateway. The API Gateway seems to return a 302 redirect, which Retool does not follow, instead gives me the redirect message itself. Example below:

{"rawXml":"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>Redirecting...</title>\n<h1>Redirecting...</h1>\n<p>You should be redirected automatically to target URL: <a href=\"http://example-api-gateway-uc.a.run.app/app/login/\">http://example-backend-uc.a.run.app/app/login/</a>. If not click the link.","parsedXml":{"title":"Redirecting..."}}

This behavior repeats itself on other paths, but I don't get any issue testing these flows on Postman. From what I searched through the forum and the docs I found no mention of this issue anywhere. Is anyone able to help?

Hi @brunoban, This is strange—we should generally should be following redirects :thinking: Would you be able to share some more detail surrounding this issue? Specifically, can you share the request that is returning this message, does your Gateway enforce HTTPS, and does your Gateway have any logging configured that might help shed some light on this issue?

The example request I run is something similar to this (sensitive information removed and example domain):

curl --location --request POST 'https://api-gateway-example.example.com/login/' \
--header 'Content-Type: application/json' \
--data-raw '{"email":"(111) 444-2341","password":"abcd123456789!"}'

I don't think the logging from the GCP API Gateway helps much, but this is the log (sensitive information removed).

{
  "insertId": "3153ce1f-28f0-4481-b94f-aa0271d9d7ec4850965654466612439@a1",
  "jsonPayload": {
    "producer_project_id": "test-example",
    "api_name": "1.api_gateway_example_apigateway_test_develop_cloud_goog",
    "http_status_code": 308,
    "response_code_detail": "via_upstream",
    "service_config_id": "config-test",
    "log_message": "1.api_gateway_example_apigateway_test_develop_cloud_goog.PostApp is called",
    "location": "us-central1",
    "api_version": "1.0.0",
    "api_method": "1.api_gateway_example_apigateway_test_develop_cloud_goog.PostApp",
    "timestamp": 1654780608.3517172,
    "service_agent": "ESPv2/2.35.0",
    "api_key_state": "NOT CHECKED"
  },
  "httpRequest": {
    "requestMethod": "POST",
    "requestUrl": "/login",
    "requestSize": "1225",
    "status": 308,
    "responseSize": "853",
    "remoteIp": "34.96.60.110",
    "latency": "0.028s",
    "protocol": "http"
  },
  "resource": {
    "type": "api",
    "labels": {
      "project_id": "test-develop",
      "method": "1.api_gateway_example_apigateway_test_develop_cloud_goog.PostApp",
      "location": "us-central1",
      "version": "1.0.0",
      "service": "api-gateway-example.apigateway.test-develop.cloud.goog"
    }
  },
  "timestamp": "2022-06-09T13:16:48.351717270Z",
  "severity": "INFO",
  "logName": "projects/test-develop/logs/api-gateway-example.apigateway.test-develop.cloud.goog%2Fendpoints_log",
  "receiveTimestamp": "2022-06-09T13:16:50.358653267Z"
}

We do enforce HTTPS. I don't have any issues on Postman with this request, but I can't get it to work here. Is there any other information I can provide to help?

Hi @brunoban ! Could you share the resource setup page and an example request that is failing?

Since resource requests are sent from the backend server, in most cases a redirect isn't possible unless explicitly set up in the resource setup page (examples being an OAuth2 or Custom Auth flow). Is the expectation that a request to https://api-gateway-example.example.com/login/* *with a password included, should return some authenticating token? Or does the API gateway expect the user to be redirect to log in?