List of cookies to forward

I cannot understand how forward cookies by webhook to same domain for authorization

Hi @Dmitriy_Fedotov! Thanks for reaching out.

If you haven't already seen it - and if I'm understanding the question - this page in our docs is a good place to start! Note that setting this up does require that you be on a self-hosted instance.

Beyond that, I'm curious to know more about your use case and would appreciate it if you expanded on your original post. In particular, I'm not sure I understand how webhooks play a role in this.

Hi
I cannot understand how to configure my resource for Forwarding cookies
I cannot understand how to read the documantation for Forwarding cookies that are pre-set on your domain - because that the resource not have field 'List of cookies for forward'

Please help!

The webservice is like API hub - someone could send request with cookies and I need foolow the cookies to other service for checking.

Ah got it. :+1: You're right that the docs are not very clear about that. The field you're looking for is hidden within the Session Based Auth option.

1 Like

Thanks for fast answer!
But it is doesnt work

In the field must be inputed name of cookie, I did it and it is doesnt work.
I tried many options and it is still doesnt work.

Hm okay. :thinking: Just to be sure I understand your goal, you want specific cookies that are set on the client to be forwarded with the resource query, right? I mentioned this earlier, but this requires that you run a self-hosted instance and set the FORWARDABLE_SAME_DOMAIN_COOKIES_ALLOWLIST environment variable.

Have you already tried this?

Hello
Yes, I want specific cookiesw
My FORWARDABLE_SAME_DOMAIN_COOKIES_ALLOWLIST environment variable

Its running on same host

My source

Ah okay - thanks for sharing some screenshots. It looks like you've defined a config var instead of an environment variable, which is probably the root of your issue.

Environment variables need to be set in at a lower level, in either your docker-compose.yml or values.yml file. The former is for a Docker deployment and the latter is for a Helm deployment.

You can see below how to set environment variables in docker-compose.yml, for example.

Added
retool_user@retool-58d699fbb6-872pk:/retool_backend$ env | grep FORWARDABLE_SAME_DOMAIN_COOKIES_ALLOWLIST
FORWARDABLE_SAME_DOMAIN_COOKIES_ALLOWLIST=authTokenEd43Nf1

but it still doesnt work

I notice that you're currently querying this resource as a step in a workflow. For the purpose of testing, can you check to see whether you're able to execute a query against this resource from within an app?

I am testing the request exclusively through Postman
The workflow a like api with our system, so it is not relevant to execute the workflow from application

This is starting to make more sense! Thanks for clarifying. My guess is that we'll need to explicitly set the necessary cookie when initiating the request within the workflow, given that it's happening server side.

Let's try the following:

  1. Send the cookie view the Postman request used to trigger the workflow
  2. Inside the workflow, parse the startTrigger to pull out the cookie and explicitly set it on the request to your API.

Hi
I follow the cookies not by header.

Ah interesting. :thinking: How do you pass cookies, then, if not by header?

I created the cookie, but it is not being included in the headers parameter.

The Cookie header will be automatically generated by Postman, but only if the domain associated with the configured cookie matches the domain of the outgoing request.

Ok - Cool!
The cookies have been sent from the domain x, while the Retool workflow is running on a subdomain, retool.x. However, the cookies are not visible in the workflow request.
Let me know if you’d like to add further details or ask for specific guidance!

Nice! Glad to hear it. If you've verified that the cookies are being sent with the Postman request, you should be able to access them within the workflow as startTrigger.headers.cookie.

I wanted to let you know that I’ve successfully found a way to manually fetch the cookie I need, but unfortunately, the automatic cookie handling solution you provided doesn't seem to be working as expected.