Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Auth Cookie vanish on production in cross domain call #4022


User avatar
0
ajayak created

I have the following code to read the Abp.AuthToken cookie from Request:

var context = _httpContextAccessor.HttpContext;
// Getting auth token from cookies as this request is coming from Shopify instead of my app
var authToken = context.Request.Cookies.FirstOrDefault(c => c.Key == "Abp.AuthToken");

This code works perfect on development but on Production, authToken.Value is empty. I verified that the cookie is visible in dev tools but not transfered.


3 Answer(s)
  • User Avatar
    0
    aaron created
    Support Team

    Cookies are not cross-domain. That would be a security disaster.

  • User Avatar
    0
    ajayak created

    Hi aaron,

    What could be the other possible way to achieve this result? I don't have the Bearer token in the header.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @ajayak,

    Instead of cookies, you can use token.