We are currently on the business plan, and have around 200 users. Most of my users have internal access to apps in view only mode. My same users are also using ‘embedded’ apps using an authenticated URL when viewing through our CRM application. It seems though im getting double charged since the embedded app is using a separate authentication mechanism in the background and not actually the user logging in - which i want to keep so it appears seamless to them.
Essentially my question is how can i have a user with a login - access an ‘embed url’ and not then consume 2 licenses? Am i building my auth url incorrectly?
Hey there @msd5079 Good news, you shouldn't actually be consuming two licenses for the same person. When an existing internal user authenticates through an embed flow, Retool recognizes them and doesn't create a duplicate user, as long as the identifier you pass in matches their existing account. Referencing our Retool staff from another topic here:
If it looks like you're being double-counted, the most common cause is a mismatch between the identifiers in your embed URL and the user's internal account. That makes Retool provision a separate user for the embed session.
A couple of quick things to check:
Are you passing the same email (and/or externalIdentifier) in the embed URL as the user's internal Retool email?
On your Users page, do you actually see duplicate entries for the same person, or is this based on the billing summary?
If you can share a sanitized example of how you're constructing the embed URL (specifically the auth payload), we can pinpoint where the mismatch is. Thanks!
