Custom authentication login is not working

I created a custom authentication login resources and have added a auth workflow, refresh auth workflow and auto trigger so that whenever someone open a retool app, our custom login modal will popup and after successful auth the retool app content will load. I tried replicating this flow on one of my retool app ( https://airblack.retool.com/apps/command_center ) but the custom auth login model is not opening everytime when someone lands on this page. Also, the modal closed after wrong auth (Ideally it shouldn’t close till the login is success).

Hi @sanjeet!

Could you share your resource setup page, so we can see what might be going wrong here?

The name of my custom auth resource is MyAdminAuthAPI. I have attached screenshots for the same.

Hi @ben !
I am still facing the same issue. Can you please look into this issue or else Is there some other way?

Few more questions for context (it’s difficult to tell without seeing the entire flow):

  • Is this a public app?
  • What are the auth steps in the flow?
  • What is the auth trigger?
  • What status code is returned to Retool when it is a failed auth request?

Yes, it’s a public app. We have used custom auth with 3 steps for authentication. First one is a login form which ask username and password. Second one is the Api call for validation the credentials and the last one is storing the token in a variable. We have used login with test method for auth trigger with a api call to verify if the token is expired or not.

I was told yesterday that a public app can’t have a custom auth. This is a problem for us because we need the ability to have custom auth in a public app, but this is very cost prohibitive.

@sanjeet @snapcom

Correct, public apps can’t have authenticated resources – there is no current_user for Retool to attach the auth credentials to. Public apps are ideal for dashboards with non-sensitive / read-only data, or potentially lightweight data collecting forms.

1 Like

Will this work properly after making the app private ?

Nothing really sticks out on from the screenshots, so I don’t see why it wouldn’t work. You should be able to use this when accessing the resource through Retool. When you run the test auth workflow, does everything display as expected? What is the status code returned by your api requests for the if the login or test trigger is unsuccessful? (Needs to be a non 200 code, in order for Retool to know it failed).