v.1.0.68
Pricing Blog
Sign up
Open app
Uptime
nu%
See details
Product
Learn
Community
Pricing
Blog
Press Kit Terms & Conditions Privacy Policy Affiliate hello@nordcraft.com
All topics

Auth/me not picking up HTTP-only cookie (Xano + Nordcraft)

  • ibi_0909-1445347244243943505

    Ibi

    22 hours ago

    Hey everyone 👋

    I’m using Nordcraft + Xano to build a simple login flow. On my login page, using the “Auth/login” API, everything works: the token is returned and I set it as an HTTP-only cookie.

    However on my dashboard page, when I call “Auth/me, it fails: Nordcraft doesn’t pick up the HTTP-only cookie. The login was successful, but the token isn’t read. If I paste the token manually it works. But when I rely on Authorization: Bearer {{cookies.access_token}}, nothing happens.

    I’ve tried storing the token as a cookie, as a session-cookie, even saving to localStorage — and spent hours chatting with AI chatbots — but still no luck.

    Does anyone know what I’m missing? What should I check so that Auth/me correctly reads the HTTP-only cookie or token (or header)? Any help / insights from people using Nordcraft + Xano would be highly appreciated 🙏
    1445347244818567260-Screenshot_2025-12-02_at_10.21.47.png
    1445347245414289418-Screenshot_2025-12-02_at_10.31.43.png
    1445347245846298706-Screenshot_2025-12-02_at_10.32.04.png
    1445347246211076117-Screenshot_2025-12-02_at_10.32.52.png
    1445347246513197118-Screenshot_2025-12-02_at_10.33.06.png
  • ibi_0909-1445348042097295494

    Ibi

    22 hours ago

    Just to add for the record: this issue is not coming from the API itself. When I take the same token and test it directly in Xano, it returns the correct user data.

    So the API works fine. The problem seems to be on the Nordcraft side where Auth/me isn’t reading or forwarding the token from the cookie or the header.
  • erikbeus-1445362297659723777

    Erik Beuschau

    21 hours ago

    Hi @Ibi
    Is the API request on your dashboard for "Auth/me" proxied? You can check in the Advanced tab. If the request is not proxied, the cookie won't be replaced properly by our proxy server, and Xano would receive an invalid header.
  • ibi_0909-1445413804048384134

    Ibi

    18 hours ago

    Hi @Erik Beuschau thanks for replying. The proxy is on. And it still gives me an invalid token response.
    1445413803507322881-image.png
    1445413803855708344-image.png
  • ibi_0909-1445418393338511555

    Ibi

    18 hours ago

    I think it works. It I test it live, it works now. It doesnt show me the full token in my Paragraph. It just shows {cookie: access_token}. But it pulls data from Xano. I also tried a on Succes event to return a succes value and it did. But I don't get it why the response in Nordcraft keeps giving an error. Is this something that Nordcraft cannot access or see the token? In Youtube tutorials I followed the auth/id give a response in Nordcraft
    1445418391962914856-image.png
    1445418392252059658-image.png
    1445418392591925393-image.png
    1445418392860495914-image.png
    1445418393133121609-image.png
  • erikbeus-1445680755085672589

    Erik Beuschau

    42 minutes ago

    It's difficult to debug from the screenshots you provided. Is the project public so I can check it in the editor? Or perhaps you could DM me some login credentials so I can check the network traffic + stored cookies when logging in.
    Also, have you installed the Nordcraft browser extension? https://chromewebstore.google.com/detail/nordcraft/hfhgjncckomifajhndceigiaiojhlllp
Leave a comment
Nordcraft Co-Founders Kasper Svenning Hansen and Andreas Møller

Chat with Nordcraft

Chat with us about Nordcraft

 Nordcraft Co-Founder and CEO Andreas Møller

Call our CEO

Plan a video call with Andreas
Hello Nordcraft!

Write Nordcraft

Send us an email

Academy Blog Pricing Documentation hello@nordcraft.com
Roadmap Press Kit Terms & Conditions Privacy Policy Affiliate
© Nordcraft 2025. All rights reserved.