2

I have two graphql endpoints (authentiaction endpoint [AUTH] and application endpoint [APP]). I created the api gateway using "makeRemoteExecutableSchema" and "introspectSchema".

The thing is that [AUTH] endpoint on login mutation sets a cookie:

res.cookie("token", token, {
 httpOnly: true,
 secure: process.env.NODE_ENV === "production",
 maxAge: 1000 * 60 * 60 * 24 * 7 // 7 days     
});

The thing is, when I make a request directly to the [AUTH] endpoint, the cookie is set (I can see "Set-cookie" response headers). But when I make a login mutation via API gateway, the cookie is not set. How to solve my issue?

matiash
  • 53
  • 4
  • I am dealing with essentially the same issue. My endpoint returns a Set-Cookie header when my client directly accesses it, but the header is not being returned by my API Gateway. Have you made any progress with this issue? For reference, I am using Apollo-Server-Express for my API Gateway and schema-stitching multiple endpoints. The schema-stitching works fine, I am able to successfully merge and introspect the schema, but cookies are not being passed from client to endpoint (or vice-versa). – Mark Nenadov Dec 27 '18 at 20:33

0 Answers0