I test it in public app, it work correctly.
There are some limitation in public app.
Custom Authentication in Public Apps
Like OAuth 2.0 and other SSO based auth options, custom auth workflows store defined variables using a relation with the authenticating user's Retool account. Because public app viewers do not use a retool account, custom auth is not supported in public apps.
Pls debug your firstload.data is correctly got?