Im using oathkeeper and backend service in the following arc Ory Community #talk-oathkeeper

Im using oathkeeper and backend-service in the fol...

dry-guitar-60278

06/08/2021, 2:01 PM

Im using oathkeeper and backend-service in the following arch. Ingress Ngnix -> oathkeeper -> backendservice Im also using Ory Kratos for identity management and session token (cookie). I have the following issue, 1. When sending request from postman along with

Cookie:'ory_kratos_session=MTYyMzA4MzA5OHxEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJRWh1TkRGRGJqbFZaRmRoYUdsRU5FNTNSVU0We_krbQTUeAfbRFs4pvxKl88JNVamfQfHv8mqe2Btg=='

in header to our backend service over oathkeeper works 2. But nothing works from browser application. I always get 401. Api request code is given below

Copy code

const requestOptions = {
    method: 'GET',
    headers: { 'Content-Type': 'application/json' ,cookie: 'ory_kratos_session=MTYyMzA4MzA5OHxEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJRWh1TkRGRGJqbFZaRmRoYUdsRU5FNTNSVU0We_krbQTUeAfbRFs4pvxKl88JNVamfQfHv8mqe2Btg=='},
  };

 fetch(url, requestOptions)
    .then(checkStatus)
    .then(parseJSON);

I also found out that the cookie in header is not set when requesting from browser. Does anyone know what i am doing wrong ?

dry-guitar-60278

06/08/2021, 2:55 PM

Copy code

const requestOptions = {
    method: 'GET',credentials: 'include',
    headers: { 'Content-Type': 'application/json'},
  };

3 Views

Open in Slack

Previous Next