Payload Cloud Custom Domain Not Working

default discord avatar
dengusdanny
4 months ago
50

I'm enjoying using Payload CMS and Cloud so far! A lot to learn, but very powerful and promising platform!



I tried adding a custom domain for my backend with a subdomain 'backend' on a CNAME, as recommended by the platform. I've checked propagation and it looks good there, but for some reason, when I navigate with the custom domain, I get a loader that never goes away. The Payload Cloud-generated URL works just fine.



Maybe there's a admin security that I'm missing?


Thanks in advance



any insight on this?

  • discord user avatar
    denolfe
    Payload Team
    3 months ago

    Hey @dengusdanny , let me take a look



    Can you provide your project ID from Settings -> Billing?

  • default discord avatar
    dengusdanny
    3 months ago

    646ed86475c8b23268db88f0



    Sorry for the late response

  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    do you have a

    serverURL

    set?



    and / or

    cors

    or

    csrf

    ? if you open the network panel of your payload admin dashboard, i'm guessing you have some type of CORS error



    i will check into your project specifically tomorrow with the team, but in the event you can troubleshoot further in the meantime, i would look at the browser console / network panel to see if you can identify what the issue is. my money is on a CORS issue for sure



    make sure you whitelist your custom domain in both CORS and CSRF (including https)

  • default discord avatar
    dengusdanny
    3 months ago

    I added it in in the Payload config, but that didn't seem to make a difference

    image.png
  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    Woah, Chicago?



    I lived there for much of my 20s. Anyway, we will look into this now for you





    this is the error in your console



    it's making a fetch to the default domain,

    from

    your custom domain



    what is your

    serverURL

    set to?

    image.png
  • default discord avatar
    dengusdanny
    3 months ago

    haha it's a client


    i'm trying to kill Wordpress in this industry forever with y'alls hardwork



    hard work*



    app is rebuilding now



    it's working, i needed to add it to the CSRF as well





    in the Cloud starter template, there is very clever ways y'all have written things and i didn't catch this



    sorry for that


    but I am genuinely impressed by everything y'all are doing at payload and i hope it flourishes


    thanks again for the help



    On a side note, in the Payload Cloud dashboard, the 'TRIGGER REDEPLOY' part is no longer showing the most recent commit to main branch, despite it having rebuilt. Build/deploy logs aren't showing and console has this:



    the problem was fixed so i know it rebuilt, but just to flag that for you

    image.png
    image.png
  • discord user avatar
    denolfe
    Payload Team
    3 months ago

    @dengusdanny Thank you for the report. Looking into this now

  • default discord avatar
    dengusdanny
    3 months ago

    Sorry to bother you all again, but for some reason, when I try to log in from the custom URL, rather than the Payload Cloud-generated URL, I get this message:



    I've created an additional user account, but that doesn't seem to make a difference either.

    image.png
  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    If you ever see the "Unauthorized, you must be logged in to make this request" that means that your auth cookie is not being set or accepted correctly upon logging in.



    Check the following settings in your config:



    -

    cors

    - if you are using the

    '*'

    , try to explicitly only allow certain domains instead including the one you have specified.


    -

    csrf

    - do you have this set? if so, make sure your domain is whitelisted within the

    csrf

    domains. if not, probably not the issue, but probably can't hurt to whitelist it anyway


    - cookie settings. if these are completely undefined, then that's fine. but if you have cookie domain set, or anything similar, make sure you don't have the

    domain

    misconfigured



    basically, this error probably means that

    the auth cookie that Payload sets after logging in successfully is being rejected because of misconfiguration.


    from there, here's how you can tell what the issue is:



    1. Go to the login screen. open your inspector and go to the Network tab


    2. Log in, and then find the

    login

    request that should appear in your network panel. Click the

    login

    request


    3. The

    login

    request should have a

    Set-Cookie

    header on the response, and the cookie should be being set successfully. If it is not, most browsers generally have a little yellow ⚠️ symbol that you can hover over to see why the cookie was rejected



    i'm guessing your login response cookie is getting rejected

  • default discord avatar
    dengusdanny
    3 months ago

    go on cors, csrf, and no cookies set, here is the warning for the set-cookie in response header

    image.png
  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    ok so you are hitting the

    login

    endpoint at a different URL than the URL that is in your browser, and the cookie is treated as a third-party cookie, which is blocked



    what is the URL of the login request and what is the URL of the admin panel in your browser

  • default discord avatar
    dengusdanny
    3 months ago

    the request URL is the payload-generated one, but the response headers 'access-control-allow-origin' is the desired custom domain (backend.rahmforcongress.com)

  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    how come the request url is the payload-generated one?



    that should be

    backend.rahmforcongress.com

    as well



    check your config's

    serverURL


    that should be

    backend.rahmforcongress.com

    - right?

  • default discord avatar
    dengusdanny
    3 months ago

    so completely removed any mention of the payload generated url from the config whatsoever?

  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    yes—if you are not using it to access your admin UI or APIs, and have a custom domain set up instead, then you should not have it present in your config

  • default discord avatar
    dengusdanny
    3 months ago

    appears to be working, thanks again for your help and patiently answering my questions!



    Just a heads up as well, when I push a change to the main branch the build logs show up for a bit then disappear, i'm happy to submit a report wherever needed

  • discord user avatar
    jmikrut
    Payload Team
    3 months ago

    i think we've actually already fixed that! (fix is not live yet, but will be soon)



    BUT if it continues to happen, yes, please do open an issue here:



    https://github.com/payloadcms/website


    @denolfe see above

  • default discord avatar
    dengusdanny
    3 months ago

    thanks again

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.