Gotrue js error - "This endpoint requires a Bearer token"

vdadfar · April 29, 2020, 9:49pm

Anyone experience this issue?

When accessing my site on mobile Firefox, I am unable to log in through GoTrue js. The response error I get is “This endpoint requires a Bearer token”. This does not happen on desktop or any other browser that I’m aware of.

Dennis · April 30, 2020, 7:49pm

Hi @vdadfar, if you are using the netlify-identity-widget or your own widget uses the nf_jwt cookie, it may be your browser has cookies support disabled by default. You could try enabling it as mentioned here: Enable or disable cookies on Firefox for Android | Firefox for Android (ESR) Help. Hope that helps.

vdadfar · May 8, 2020, 5:14am

Hi @Dennis,

I am using my own gotrue-js widget, which does take advantage of the nf_jwt cookie. Turns out this issue is not limited to iOS Firefox, as it occurs on iOS Chrome and both iOS and Mac Safari as well. I’ve made sure all browsers are accepting cookies, and verified with this demo: JavaScript Cookies

Any other ideas on what it could be? Debugging reveals that a call was made to .netlify/identity/token which returned a 400 and the following:

{
  "error": "invalid_grant",
  "error_description": "Invalid Password"
}

and a call to .netlify/identity/user returned a 401 with the following:

{
  "code": 401,
  "msg": "This endpoint requires a Bearer token"
}

Not sure if this means anything, but a valid user token was sent to /user, but the Authorization for /user was basic, not bearer. I can provide more information on the requests if needed.

vdadfar · May 9, 2020, 4:48am

For anyone who might be having this problem, it turns out that the basic auth on my site was interfering with requests, replacing the authorization field with an encoding of the username/password. Removing that auth remedies this issue

vdadfar · May 9, 2020, 2:12pm

Also, for those who want to keep their auth, including the field “credentials: omit” in your request’s options resolves the issue.

awakash · May 25, 2020, 4:29am

I’m still running into this issue even though I don’t have basic auth setup, any ideas what could be the problem?

Dennis · May 25, 2020, 5:43pm

Hi @awakash, if you don’t have basic auth enabled, I presume that your issue is not the same as what is in this thread. Could you start a separate topic with as much details to help us point you in the right direction?

awakash · May 26, 2020, 3:28am

I ended up creating a new personal access token on Github to fix the issue, Sign in to GitHub · GitHub.