"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."
Get the resources you need to start building today
Microsoft chose Payload to tell the world about AI.
Using a custom domain to point to cloud run instance hosting payload server not allowing auth
Hey Payload team,
I'm currently hosting my payload server on a google cloud run instance, i am using firebase hosting to point a custom domain to the end point, upon login in with an admin account I get the error "Unauthorized, you must be logged in to make this request. You are not allowed to access this page".
When i use the direct url for the endpoint provided from google cloud run with the same payload admin account it works.
@946299884070375424
My investigation so far... does the
serverURLneed to be the exact domain and not a hosted url? docs found here
https://payloadcms.com/docs/configuration/overview#using-environment-variables-in-your-config@364124941832159242
hey sorry for the tag, just needed some help here since the threads going stale 🙂
yes, the serverURL needs to be the actual URL (with https) that you access the Payload admin with
you should also be able to leave it undefined if you don't know the serverURL - BUT if you do leave it undefined, then you need to whitelist the domains you'll be using in the
csrfproperty of the Payload config
because we only accept auth cookies from either serverURL or explicitly whitelisted domains in csrf array
for security reasons
cc:
@946299884070375424thank you and appreciate you getting to this question
Thanks
@364124941832159242, that helped me out also.
of course! 💸
- @364124941832159242
hey adding in the serverURL didn't work, do we have to add it both to
serverURLand the
csrf
@178109250806087680did it work for you?
All I had to do was add the serverURL in and make sure that matches the URL where you are hosting the application.
do you know if it supports the subdomain
or the actual base domain
@178109250806087680It supports subdomains. So if your url is
https://cms.mywebsite.comthen that is what you need to enter into the serverURL
ah thank you
@178109250806087680it still doesnt work for us - maybe it might be something to do with firebase hosting a cloud run instance
Do you have the url set in the .env files?
yep - set in the .env files on cloud run
I'm not super clued up on Firebase hosting but if you can access the logs when it is building, you should be able to see where the serverUrl is pointing to. Or you can check the browser console to see where the API calls are being made to
sweet, for now i just redirected it to the main url on the firebase hosting
so atleast its friendly to remember
that works for now
@178109250806087680thanks
All good 🙂
Star
Discord
online
Get dedicated engineering support directly from the Payload team.