Getting "Gateway timeout" error while logging into forest admin

Hi team,
We are getting the following error in BE logs while logging into the forest admin portal in Production environments
“Gateway response type: DEFAULT_5XX with status code: 504”
PFB the screenshots


Note that it is failing only in Production environment under the project.

Due to which, the authentication and subsequent apis are failing

  • Project name: Yubi Invest - B2B2C (Unlisted)
  • Team name: Ops - Super Admin
  • Environment name: Prodcution
  • Database type: Postgress

And, if you are self-hosting your agent:

  • Agent technology: Ruby on Rails
  • Agent (forest package) name & version (from your .lock file): forest_liana (7.7.0)

Hello @Ajith,

Could you please share the request and response (if any) of the failing /authentication call we can see in your screenshot.

Do you have any logs on your production environment agent when trying to connect ?

Hi @dogan.ay,
We are getting CORS issue while authentication API is called.

We are using AWS API gateway for routing for the backend, where are setting the CORS configuration.
We are getting the same error if we specify the exact value for ‘Access-Control-Allow-Origin’ as “https://app.forestadmin.com”.

Can you help here to debug?

Note that it was working fine before with ‘Access-Control-Allow-Origin’ as *

Hello @Ajith

This may have popped up recently as security policies evolve and get stricter.

Could you try to set your custom domain as value ? https://partner-api.yubbiinvest.com

You might also want to check the environment variable configured in your agent to ensure the value is also present in the CORS_ORIGINS variable.

Hi @dogan.ay
We have set the custom domain name for our AWS API gateway as ‘https://partner-api.yubiinvest.com’. And note that the same is being used for other services. i.e it is working fine.

Also, there is no value set with the environment variable CORS_ORIGINS.
We are using RoR for the forest admin service.


Note that the same configurations are present in other environment “QA” of the same project.
And it is working fine without any error

Sorry I got confused there and thought you had a custom domain setup, indeed you would not need the CORS_ORIGINS var env then.

Are you able to see any logs on your agent when accessing the frontend ?
Is there any difference in the setup between your QA and prod envs ?
If nothing else, do you have a date in mind of when this started happening ?

Hi @dogan.ay,

  1. Yes, Till now, we have not needed to set up anything in CORS_ORIGIN.
  2. We are able to see logs from the Backend while hitting from the frontend as well as from other api tools like POSTMAN. We are getting the below error

    Do you know what causes this?
  3. This issue is happening from around April 10th, 2025

Could you confirm to me the last 4 chars of your FOREST_ENV_SECRET in both QA env and Production env.

From the logs of our server I can see that your QA env is making requests, but I cannot see a single call made with the FOREST_ENV_SECRET of your production environment.

PFB Last 4 characters of FOREST_ENV_SECRET
QA: 3568
PROD: f5bd

I can confirm then that on our side we do not have any log with your PROD env secret, I would suggest you to look into your AWS config that could cause error or impede the network between your agent and Forest Admin Servers.