resumeToken is ignored

igor-afterlogic · June 1, 2021, 11:08am

We’re integrating RocketChat in our application. We were able to use the Iframe authentication approach, but it’s not exactly perfect for our needs, ideally we need authToken transmitted in the URL when opening RocketChat tab/window.

We’re getting authToken via REST API, and we’ve attempted to use resumeToken approach mentioned at:

But that doesn’t seem to work, we’re only getting a login page. We’re able to log in using the same token by entering this in console:

localStorage.setItem('Meteor.loginToken', '...');

So the token itself looks valid. Are we maybe missing a configuration option to enable the use of resumeToken?

We’d highly appreciate all the help.

john.crisp · June 1, 2021, 4:18pm

Hi.

Isn’t that effectively a GET? I’m not sure that is very secure?

I think most API calls require a POST for security?

Someone may pop along later with some more info.

Julien · October 5, 2021, 10:33am

We have been experiencing the same issue here after upgrading to Rocketchat 4.0. resumeToken does not seems to work anymore! We were using this parameter to authenticate to the iframe after querying the login endpoint.
As a consequence, this breaks the integration we have made around the Rocketchat embedded iframe.

Any help would be highly appreciated.
Thank you

Topic		Replies	Views
Need guide in integrating RocketChat to my website Community Support	3	6196	June 18, 2020
I need help understanding IFRAME Auth Community Support	0	709	October 1, 2020
Autologin iframe in website Development projectideas , rocketchat-apps	11	1964	April 20, 2022
Authenticating via iframe based Single Sign On, in NodeJS? Development	0	887	December 21, 2020
Rocket Chat Iframe Throwing Errors While Loading Community Support rocketchat-apps	0	1411	July 16, 2020

Join our Community Open Call tomorrow where we'll share more details regarding recent changes and answer questions about updating your workspace to the latest Rocket.Chat

resumeToken is ignored

Related Topics