Is the /sessions/login call referrer locked?

Question

I'm making something for a community I'm active on, and I want people to be authenticated to the community when I access the page.

Looking at the documentation, a /sessions/login call without paramters would do just fine, as it would log the user in using the relevant cookies, but it doesn't work.

Does that call only work if called from the actual community domain? I am calling from a completely different domain.

Thanks,

Liam

adamn · Answer

Hi Liam,
&nbsp;
There could be a few things going on here. Are you receiving any errors when you try to make the call? If you have a web debugger in your browser, you might be able to see the status of the request and any error messages associated with it.
&nbsp;
Some possibilities that come to mind:

Certain calls are restricted to being made via HTTP POST instead of HTTP GET. The login call is one of them. So I would suggest double checking that you're making the call via HTTP POST.
Generally speaking, logging in via session cookies must be explicitly enabled for a community. It is disabled by default for better security.
You could also be running into issues with CORS (http://en.wikipedia.org/wiki/Cross-origin_resource_sharing). If that's the case, our Support team can update your community's configuration to allow access from a domain you designate.

If you have any additoinal information regarding the HTTP Status of the requests and any error messages, that might help us narrow down the issue.
&nbsp;

Forum Discussion

Is the /sessions/login call referrer locked?

1 Reply

Recent Discussions

Can someone walk me through authenticating and using Postman with Aurora?

How to modify User Login component's UI?

Creating a blog on behalf of another user - GraphQL

json query syntax matches AND OR

Date Limit in Bulk API v2 and Error with 7-Day Intervals