I am trying to replace an in-house React app with a Retool app. Our app backend uses AWS Cognito and AppSync GraphQL.
Desired outcome:
- My existing customers arrive at a Retool landing page.
- They are prompted to authenticate.
- Retool redirects the user to my hosted Cognito login.
- Auth tokens received, everyone high-fives and gets to work.
I cannot for the life of me get this working. I have a GraphQL resource using OAuth 2.0 Authentication:
- I can hit 'Connect with OAuth' and I am directed to oauth.retool.com/oauth/authorize and an 'authenticate' prompt is shown.
- Clicking 'authenticate' redirects to Cognito, and I authenticate with username/password.
- I am redirected back to the resource, and my authentication status is shown as 'Connected'.
- I can check my authentication status using the test endpoint and get confirmation.
I set 'Branding' to use a simple app to test authentication. It has:
- An authLogin button configured to call my GraphQL/OAuth2 resource.
- A query that tries a simple GraphQL query and detects authentication status on the basis of an HTTP 200 (or not) response code.
So far so good. This simple authenticate/am-i-authenticated flow works fine if I am trying it from Editor mode when logged in to Retool.
PROBLEM: When I try this with one of my test user accounts direct from my public URL, the authLogin button redirects to oauth.retool.com/oauth/authorize and I get the message:
Here is the error: JsonWebTokenError: jwt malformed
What is causing this issue?
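
An added diagnostic example (not part of the original post, and not Retool or Cognito code): a structural check for whatever value reaches a JWT verifier, useful when triaging a `jwt malformed` error like the one quoted above. It assumes the verifier rejects any value that is not three dot-separated base64url segments, as the Node `jsonwebtoken` library does; the function names, reason codes and sample values are hypothetical and constructed.

```javascript
// Added example: structural triage of a value that is supposed to be a JWT.
// Assumption: the verifier rejects anything that is not three base64url
// segments separated by dots. Every sample value here is constructed.
const B64URL = /^[A-Za-z0-9_-]+$/;

// Encode an object as a base64url segment (used only to build the sample).
function encodeSegment(obj) {
  return Buffer.from(JSON.stringify(obj)).toString("base64")
    .replace(/=+$/, "").replace(/\+/g, "-").replace(/\//g, "_");
}

// Decode a base64url segment to a JSON object; null on any failure.
function decodeSegment(segment) {
  if (!B64URL.test(segment)) return null;
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  try {
    const obj = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
    return obj !== null && typeof obj === "object" ? obj : null;
  } catch (err) {
    return null;
  }
}

// Return a short reason code; never log the token itself.
function classifyToken(value) {
  if (typeof value !== "string" || value.trim() === "") return "missing";
  if (/^bearer\s/i.test(value)) return "scheme-prefix-not-stripped";
  const parts = value.split(".");
  if (parts.length === 5) return "jwe-not-jws";
  if (parts.length !== 3) return "not-three-segments";
  if (!decodeSegment(parts[0])) return "header-not-json";
  if (!decodeSegment(parts[1])) return "payload-not-json";
  if (!B64URL.test(parts[2])) return "signature-not-base64url";
  return "well-formed";
}

// Constructed sample: real header/payload shape, placeholder signature.
const sampleJwt = [
  encodeSegment({ alg: "RS256", typ: "JWT" }),
  encodeSegment({ sub: "constructed-test-user", token_use: "access" }),
  "c2lnbmF0dXJlLXBsYWNlaG9sZGVy",
].join(".");

for (const v of [undefined, "constructed-opaque-code", "Bearer " + sampleJwt, sampleJwt]) {
  console.log(classifyToken(v));
}
```

A `well-formed` result only means the value has the shape of a signed JWT; signature, issuer, audience and expiry still have to be verified against the identity provider's keys.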