Does using Retool API `POST /api/embed-url/external-user` require Enterprise plan and a Custom Domain?

Goal:

Use custom auth with Retool API so we can embed private apps in our other internal sites.

Questions:

  1. Step #3 of the how-to doc involves a POST to /api/embed-url/external-user, are we able to use this endpoint on business plan?
  2. Is a Custom Domain required to hit this endpoint?

Things I've Tried:

{"error":true,"message":"You must call this endpoint from a custom domain"}
  • Looked at the API docs to see if I'm using the endpoint correctly, but I can't find the /api/embed-url/external-user endpoint in the OpenAPI spec.

Details:

We're on Retool cloud business plan

Screenshots:

2 Likes

hi @Darren! Thank you for helping me with this in office hours today, here is my post so we can dig in more.

3 Likes

You're very welcome, @sgodoshian! We enjoy the community representation at office hours.

Just to close the loop here, generating a pre-authorized embed URL does not require an Enterprise plan but does require a custom domain. It's not explicitly stated in our docs, but is implied by the following.

In order to avoid cross-domain issues, we strongly recommend that the embedded app and its parent share a common domain!