I perform authentication for my GraphQL API using the Retool Custom Auth builder.
The general flow is to create a sign-in with my auth provider, use this sign-in to create a session token, and then use the session token to create a JWT token to include in requests to the actual GraphQL API.
I make use of the Define a variable
step to store values such as the sign-in ID, the session token, and the JWT token. E.g.
Step 1. POST request to auth provider API that returns the sign-in ID
Step 2. Store sign-in ID in magic variable named SIGN_IN_ID
Step 3. POST request to auth provider API to get a session token, using the SIGN_IN_ID variable as a request query param
I use different variable names between production and staging environments (for the resource in Retool). Variables in the staging config are appended with _STAGING
, e.g. SIGN_IN_ID
(prod), SIGN_IN_ID_STAGING
When I go to test the auth flow for staging however, I receive an error like: {"errors":[{"message":"not found","long_message":"No sign in was found with id sia_2KFRlH2rKE0ysSydLL8vK7kBdiC_STAGING","code":"resource_not_found"}]}
This is happening during above step 3, the POST request to the auth provider API to get a session token, with the SIGN_IN_ID_STAGING
variable as a request param.
It looks like the variable substitution is not happening correctly, like the sign-in ID is being stored in a variable called SIGN_IN_ID
instead, and then when it gets substituted, the _STAGING
is just a regular string.
A guess from me is that this is some sort of cache issue or missed update. Originally both prod/staging environments were using the same magic variable names for all the steps except for the one storing the JWT token, which was differentiated by _PROD
and _STAGING
. I added the _STAGING
suffix because I couldn't get the Refresh Auth workflow working for staging, and I thought conflicting magic variable names between prod/staging could've been the culprit. The error from testing the refresh auth workflow for staging was "message": "{\"errors\":[{\"message\":\"Signed out\",\"long_message\":\"You are signed out\",\"code\":\"signed_out\"}]}",
I just did an experiment where I appended _PROD
to all the variables in the prod environment, and I got the same error: No sign in was found with id sia_2KFRlH2rKE0ysSydLL8vK7kBdiC_PROD
Any ideas on what's wrong here?