Login is failing after upgrading from v6 to v7

Feature(s) impacted

After the upgrade, the authentication is failing

Failure Logs

No logs in console, requests made successfully

Observed behavior

First auth OPTIONS request is successfully made
Second auth GET request is also successfully made

Expected behavior

Should connect to forest admin dashboard


  • Package Version: 7.0.0
  • Express Version: 4.17.2
  • Sequelize Version: 5.15.1
  • Database Dialect: MySQL
  • Database Version: 5.6.10a
  • Project Name: Elyps

Hello @emirc,

Thanks for reaching out and welcome to our community :raised_hands:

Do you use a regular login (email/password)?
Where exactly is authentication failing? Could you share screenshot/screencast of it?
Did you follow the migration documentation while migrating?


Hi @adriguy,
Thanks for your reply!
Yes I use a regular login (email/password).
Here is a screenshot of the error received
Capture d’écran 2022-02-16 à 2.50.34 PM

Logs that are shown in console (don’t think it’s related to auth though)

Mixed Content: The page at 'https://app.forestadmin.com/ELYPS/dev-cli/Dev/data/Account/index' was loaded over HTTPS, but requested an insecure favicon 'http://drive.google.com/uc?export=download&id=1kxQHn5TmCeh1KeRgIcs7483gfbHFW21b'. This request has been blocked; the content must be served over HTTPS.
data/Account/index:1 Mixed Content: The page at 'https://app.forestadmin.com/ELYPS/dev-cli/Dev/data/Account/index' was loaded over HTTPS, but requested an insecure favicon 'http://drive.google.com/uc?export=download&id=1kxQHn5TmCeh1KeRgIcs7483gfbHFW21b'. This request has been blocked; the content must be served over HTTPS.

Yes I followed the migration documentation.


Hello @emirc,
Can you please screenshot the error that you have in your tabulation Network so that I can look and understand more why you have this problem?

Hi @mian,
I don’t have errors in the Network tab, but I have some logs in the Console tab as I showed in my previous reply.
I added the APPLICATION_HOST, APPLICATION_URL and FOREST_CLIENT_ID to my env variables as mentionned in the docs.
Maybe I’m do it wrongly ?


Can you please send me the .env file without your database credentials so that I can look at the variables and check if they are well set?

Can you also please remove the APPLICATION_HOST key? (Where did you see this variable? is it in our documentation?)

Since we are using Lambda and Serverless, I thought it should be the same as mentionned in the Docker part of the docs, will remove it.

      NODE_ENV: 'prod'
      APPLICATION_URL: 'https://app.forestadmin.com'

I think that the APPLICATION_URL is incorrect. Can you try put the same url you used to set your environment (in your environment configuration)?

Changed APPLICATION_URL to use the correct url as https://xxxxxxxx.execute-api.eu-central-1.amazonaws.com/cli (/cli is the name of the stage)
I also regenerated a new FOREST_CLIENT_ID using the new APPLICATION_URL value
And now I have this error when calling the GET auth request

{"errors":[{"status":400,"detail":"The redirect uri must be one of https://xxxxxxxx.execute-api.eu-central-1.amazonaws.com/cli/forest/authentication/callback. Received \"https://xxxxxxxx.execute-api.eu-central-1.amazonaws.com/forest/authentication/callback\"","meta":{},"name":"InvalidRedirectUriError"}]}

Are you using multiple instances? if no you don’t need to set a FOREST_CLIENT_ID that is static.
Can you also check please that secret key in your environment settings is the same as your ENV_SECRET ?

Can you also try to install the version 7.12.3 instead of 7.0.0 ? npm install forest-express-sequelize@^7.12.3

Yes we do have multiple instances.
After installing forest-express-sequelize@7.12.3, I have this error

(node:46114) UnhandledPromiseRejectionWarning: Error: secret should be set

What should be the key of the secret ? Should it be added in env file like the FOREST_ENV_SECRET ?

Hi @emirc !
The error is not really clear, could you share the entire stack trace ?
Do you get the error while starting the app ? Or when try to login (if so can you tell us on which endpoint it throws ?)

Hi @Nicolas_Sailly,

Sorry if I was not clear, the error happened when trying to run forest locally (npm start) after updating the package to 7.12.3 (before deploying).
I forgot to add FOREST_AUTH_SECRET and FOREST_ENV_SECRET to the local env file.

Finally deploying the project using forest-express-sequelize@^7.12.3 fixed my auth issue and now everything works fine :rocket:

I have a question: should we change the FOREST_CLIENT_ID depending on the environment we are connected to ?

  • if I’m using DEV env I have to generate a FOREST_CLIENT_ID using the DEV APPLICATION_URL
  • If I’m using PROD env I have to generate a FOREST_CLIENT_ID using the PROD APPLICATION_URL

Am I right ?

Thank you for your time @mian and @Nicolas_Sailly

1 Like

Glad to hear your issue is solved !
If you don’t have multiple instances on your local machine, you don’t even need a FOREST_CLIENT_ID (it is needed on multiple instances only).
But between remotes envs, you should have an specific client_id yes :slight_smile:
Each environment has its specific environment variables :wink:

It was our mistake, we’ll update the documentation so that people don’t install the 7.0.0 version :slight_smile:

Yes, I’m using FOREST_CLIENT_ID only for remote envs :ok_hand:

Thank you for your answers, very helpful!