I have embedded my Retool app (in an iFrame) and when testing the app I found that invalidateCache-calls don't work. They do however work when I run the same app, with the same user, in non-embedded mode.
And if I check that Network response I see:
{
"success": false,
"message": "Authentication failure. Missing access token",
"triggerOauth2SSOLoginAutomatically": false,
"triggerSamlLoginAutomatically": false
}
Note that everything with the parent and the app itself works great, except invalidateCache-calls. Those are the only ones where we get the issue I described.
Good to hear that everything else in the parent and app are working fine. So you are making other calls to the Retool backend API that are also Auth protected and those are working.
If so, this sounds like a route specific bug for the /invalidateCache endpoint, which I can report to our engineer team.
No worries. The tickets are tracked internally so as soon as the engineers update the status or post any comments on the ticket I will see this and be able to update you in this thread!
It looks like they are discussing how recent consolidations of our auth middleware should now be working for embedded auth. So this may be a bug that snuck through and needs some work to patch
Any news with this issue?
I'm experiencing it too.
Invalidation works in editor but not in an iframe.
AFAIU the user is recognized since I'm able to show his attributes.
Thanks for your +1. I see that you chatted with my teammate internally as well. We've had trouble reproducing this, so we haven't been able to move forward on a fix. Any further details you can share about your set up may help us narrow this down