https://www.ory.sh/ logo
Powered by
r

rough-energy-65470

02/25/2022, 8:09 AM
Hi, I have set up kratos with an auth app on x.domain.com and I have a return url for y.domain.com that requires me to get the valid cookie from x.domain.com. I'm looking at this and it says I can definitely do it: https://www.ory.sh/docs/kratos/guides/configuring-cookies Are there any examples in nextjs for this? I'm using the ory sdk like so in the y domain app to check if I'm authenticated: 
ory.toSession(undefined, ctx.req?.headers["cookie"]).
when i console log the ctx.req.headers my cookie is undefined
d

damp-sunset-69236

02/25/2022, 8:24 AM
Hello. For you case you need to setup session.cookie.domain variable in your config
Copy code
session:
        cookie:
          domain: <http://domain.com|domain.com>
Also, it’s good to have these configuration for you
Copy code
<http://kratos.domain.com|kratos.domain.com> -- kratos API
<http://auth.domain.com|auth.domain.com> (auth UI)
<http://x.domain.com|x.domain.com> 
<http://y.domain.com|y.domain.com>
In addition you can check out ‘Advanced Base URL, CSRF &amp; Session Cookie Settings’ guide
r

rough-energy-65470

02/27/2022, 10:41 PM
Thanks for the response Andrew 🙂
w

wet-church-60607

02/28/2022, 12:42 AM
Hey. So if we have this in the config:
Copy code
session:
  cookie:
    domain: <http://platform.our.domain.com|platform.our.domain.com>
This will set a cookie that is usable on:
Copy code
<http://x.platform.our.domain.com|x.platform.our.domain.com>
<http://y.platform.our.domain.com|y.platform.our.domain.com>
given that we have:
Copy code
<http://auth.platform.our.domain.com|auth.platform.our.domain.com>
<http://kratos.platform.our.domain.com|kratos.platform.our.domain.com>
Is that right?
d

damp-sunset-69236

02/28/2022, 11:28 AM
Yep. That’s right
r

rough-energy-65470

02/28/2022, 11:33 PM
Cheers for that Andrew. For anyone also following this, we are using Nextjs with the ory kratos sdk. We needed to force the domain in nextjs:
Copy code
// @ory/integrations offers a package for integrating with NextJS.
import { config, createApiHandler } from "@ory/integrations/next-edge";
import getConfig from "next/config";

// We need to export the config.
export { config };

const { serverRuntimeConfig } = getConfig();

// And create the Ory Cloud API "bridge".
export default createApiHandler({
	apiBaseUrlOverride: serverRuntimeConfig.ORY_KRATOS_URL,
	forceCookieDomain: serverRuntimeConfig.BASE_DOMAIN,
});
7 Views
Powered by