APPLICATION_URL variable after change of Admin backend URL

We have changed the backend URL for our production environment. We have changed the “Admin backend URL” value in the Settings area of the site according to reflect the new URL and the site works as expected.

I noticed that the deployed backend still had the old URL in the APPLICATION_URL environment variable so I amended it to the new URL and re-deployed the backend.

Expected behavior

The correct URL stored in the APPLICATION_URL environment variable on the backend server would enable the user to authenticate and use the site.

Actual behavior

All users see a “Cannot authenticate you” message repeatedly despite entering correct credentials. This message is consistent with an incorrectly set APPLICATION_URL.

Reverting the APPLICATION_URL environment variable back to the old URL allows users to authenticate and use the site as expected.

Failure Logs

The logs do not show anything besides a POST /forest/authentication request returning a 200 response.


Please provide any relevant information about your setup.

  • Package Version:
  • Express Version:
  • Sequelize Version:
  • Liana Version: 7.3.1
  • Node version: 10.24.1
  • Database Dialect: Postgres
  • Database Version: 12
  • Project Name: Oak National Academy

Hi @Ian_Kynnersley,

Thanks for pointing out this detail.
It’s perfect if your project is working now, I am asking my teammates what should be the cause of this.

Hi again @Ian_Kynnersley,

You may have a static client ID, right? Please generate again your client ID.
That’s why your old URL is validating authentication requests, and the new URL fails.

js documentation
rails documentation

Please note than your need a static client ID only when you scale your API on multiple instances. If it’s not the case (you have one API instance) but you have a FOREST_CLIENT_ID variable configured, you can just remove it.


Thanks @Sliman_Medini

Let me know if you make a fix that means I need to update my config to keep things working!


@Ian_Kynnersley, the action is already on your side:

  • Do you have a FOREST_CLIENT_ID defined in your environment variables?
  • Yes, and you have multiple server instances (on production):
    • regenerate the FOREST_CLIENT_ID using the documentation link above
  • Yes, and you have one server instance (on production):
    • drop the FOREST_CLIENT_ID which is useless in this case


Ah sorry - for some reason I only saw a notification for your first message and not the one about the CLIENT ID and I replied directly from the email notification :man_facepalming:

I’ll look into this. I added the CLIENT_ID because I couldn’t get the application to load without it and that fixed the issue at the time. I’ll try removing it again and see what happens.

Thanks again for your help. The answer was to re-create the FOREST_CLIENT_ID with the new APPLICATION_URL value. We are hosting the backend as an auto-scaling container in Cloud Run and this does seem to need the FOREST_CLIENT_ID to be there