I have a mobile app (React Native) that is authenticating via credentials. Prior to upgrading SS to 6.4.1 from 5.10, the response contained the bearer token, and now it does not. We didn’t make any changes to the mobile client; it basically sends:
// Authenticate request DTO sent by the mobile client (credentials provider)
var request = new dtos.Authenticate();
request.userName = payload.email.value;
request.password = payload.password.value;
request.provider = 'credentials';
I know that the service won’t return the token if one is already authenticated but there must be some change from 5.x to 6.x that I’m missing?
I can actually see the difference from prod (6.4.1) to dev (5.10) right now.
Return from dev:
{
  "userId": "5e2f0aad-a709-4683-b8ba-2dd4e62a1522",
  "sessionId": "abc",
  "userName": "redacted",
  "displayName": "Super Admin",
  "referrerUrl": null,
  "bearerToken": null,
  "refreshToken": null,
  "profileUrl": "data:image/svg+xml,%3Csvg width='100' height='100' viewBox='0 0 100 100' xmlns='http://www.w3.org/2000/svg'%3E %3Cstyle%3E .path%7B%7D %3C/style%3E %3Cg id='male-svg'%3E%3Cpath fill='%23556080' d='M1 92.84V84.14C1 84.14 2.38 78.81 8.81 77.16C8.81 77.16 19.16 73.37 27.26 69.85C31.46 68.02 32.36 66.93 36.59 65.06C36.59 65.06 37.03 62.9 36.87 61.6H40.18C40.18 61.6 40.93 62.05 40.18 56.94C40.18 56.94 35.63 55.78 35.45 47.66C35.45 47.66 32.41 48.68 32.22 43.76C32.1 40.42 29.52 37.52 33.23 35.12L31.35 30.02C31.35 30.02 28.08 9.51 38.95 12.54C34.36 7.06 64.93 1.59 66.91 18.96C66.91 18.96 68.33 28.35 66.91 34.77C66.91 34.77 71.38 34.25 68.39 42.84C68.39 42.84 66.75 49.01 64.23 47.62C64.23 47.62 64.65 55.43 60.68 56.76C60.68 56.76 60.96 60.92 60.96 61.2L64.74 61.76C64.74 61.76 64.17 65.16 64.84 65.54C64.84 65.54 69.32 68.61 74.66 69.98C84.96 72.62 97.96 77.16 97.96 81.13C97.96 81.13 99 86.42 99 92.85L1 92.84Z'/%3E%3C/g%3E%3C/svg%3E",
  "roles": [
    "Super Admin"
  ],
  "permissions": [
    "companyId:3"
  ],
  "responseStatus": null,
  "meta": null
}
Prod with no changes except upgrade:
{
  "userId": "5e2f0aad-a709-4683-b8ba-2dd4e62a1522",
  "sessionId": "abc",
  "userName": "redacted",
  "displayName": "Super Admin",
  "referrerUrl": null,
  "bearerToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6IkZKWCJ9.eyJzdWIiOiI1ZTJmMGFhZC1hNzA5LTQ2ODMtYjhiYS0yZGQ0ZTYyYTE1MjIiLCJpYXQiOjE2NjYzODQyOTAsImV4cCI6MTY2NzU5Mzg5MCwiZW1haWwiOiJzdXBwb3J0KzMtYWRtaW5AZm[stuff removed]",
  "refreshToken": null,
  "profileUrl": "data:image/svg+xml,%3Csvg width='100' height='100' viewBox='0 0 100 100' xmlns='http://www.w3.org/2000/svg'%3E %3Cstyle%3E .path%7B%7D %3C/style%3E %3Cg id='male-svg'%3E%3Cpath fill='%23556080' d='M1 92.84V84.14C1 84.14 2.38 78.81 8.81 77.16C8.81 77.16 19.16 73.37 27.26 69.85C31.46 68.02 32.36 66.93 36.59 65.06C36.59 65.06 37.03 62.9 36.87 61.6H40.18C40.18 61.6 40.93 62.05 40.18 56.94C40.18 56.94 35.63 55.78 35.45 47.66C35.45 47.66 32.41 48.68 32.22 43.76C32.1 40.42 29.52 37.52 33.23 35.12L31.35 30.02C31.35 30.02 28.08 9.51 38.95 12.54C34.36 7.06 64.93 1.59 66.91 18.96C66.91 18.96 68.33 28.35 66.91 34.77C66.91 34.77 71.38 34.25 68.39 42.84C68.39 42.84 66.75 49.01 64.23 47.62C64.23 47.62 64.65 55.43 60.68 56.76C60.68 56.76 60.96 60.92 60.96 61.2L64.74 61.76C64.74 61.76 64.17 65.16 64.84 65.54C64.84 65.54 69.32 68.61 74.66 69.98C84.96 72.62 97.96 77.16 97.96 81.13C97.96 81.13 99 86.42 99 92.85L1 92.84Z'/%3E%3C/g%3E%3C/svg%3E",
  "roles": [
    "Super Admin"
  ],
  "permissions": [
    "companyId:3"
  ],
  "responseStatus": {
    "errorCode": null,
    "message": null,
    "stackTrace": null,
    "errors": null,
    "meta": null
  },
  "meta": null
}
There is a SetBearerTokenOnAuthenticateResponse = true parameter that I’ve tried setting (it wasn’t set prior), and it doesn’t return the bearer token in either case. I tested with Postman and removed cookies on each try.