Hello,
After recent upgrade to 3.148 we've started encountering issue with authentication URL, this is URL created by Retool:
"https://..co/oauth2/authorize&prompt=none?state=48f42127-d55d-46ef-8a74-ecca522436f3&response_type=code&access_type=offline&redirect_uri=https%3A%2F%2Furl.domain.co%2Foauth%2Fuser%2Foauthcallback&prompt=none&client_id=5983333bst7qdimhi7d2gotj71&scope=profile%20openid&audience="
This url is generated based on auth request with auth0, it has incorrect locatuon of "prompt" which starts with "&" which should not come before "?"
authorize&prompt=none?sta
- The base URL and query parameters are not properly separated. The '&' symbol should come after the query parameters, not before.
- The 'prompt=none' parameter is repeated.
That started happening only after upgrade to new version and did not happen before.
Hi @Stanislav_Arzhilovskiy ,
I will look into this. Meanwhile, can you send me your har file from your network tab in your developer tools when this request is made?
Thanks!
@Stanislav_Arzhilovskiy,
Can I also see a screenshot of the authentication configuration for your resource?
Thanks!
@Sunny_Yang,
Can you please tell me what version of Retool you are on?
@Sunny_Yang,
Can I also see a screenshot of your resource config? Thanks!
it is not allow me to send har file
@Sunny_Yang , what version of retool are you on? Also, can you send me a screen shot of the configuration for your resource?
@Sunny_Yang ,
Can you cross out or cover up your secrets information in the screenshot with a photo editor? Like this:
or @Sunny_Yang, you can send it to me directly. You can send directly to me on this forum or to my email at lindakwoo@retool.com. Also, can you tell me what version you were on before you upgraded to 3.148 when this problem started occuring?
@Sunny_Yang and @Stanislav_Arzhilovskiy,
I believe I have found the issue with your url. I need to turn on a feature flag for your instance which will hopefully resolve the issue, but I will need your license key. You can find it in your Docker.env file or if you go to my.retool.com you can find it there. Thanks.
@Stanislav_Arzhilovskiy and @Sunny_Yang:
I have enabled the oauthDisableOldAuthUrlPromptParameterLogic feature flag on your instance. In order to make it active immediately, you will need to go to your Advanced Setting page and click on the Check key button:
Let me know if this fixes things for you.
thank you @lindakwoo I think it is working now. thank you so much again for all the help.
