0

I've followed Adding the HTML sign-in button to your page instructions, and made it work in my development environment. At production I need to support subdomains, but I can't make it work. I've changed data-cookiepolicy from single_host_origin to https://mydomain.com as API reference says, so this way it should support login from https://mysubdomain.mydomain.com. I've also added https://mydomain.com to Javascript origins at Google Developer Console. Nevertheless, when I click Login button, after authentication step, a 400 error is displayed, with Error: origin_mismatch message. It works if I add the url with the subdomain to the Javascript origin list, but that's not what I need, since I don't know them in advance (and might be tons).

What might I missing? Thanks! :_(

juanignaciosl
  • 3,435
  • 2
  • 28
  • 28
  • I've never used this. +1 for bringing it to my attention. So, will it work if you just use **http** instead of **https**, like this? `data-cookiepolicy="http://example.com"` –  Jan 07 '15 at 17:24
  • Nop, my problem is not the *schema* but the *subdomain*. The schema must be *https*. It works if I add `https://mysubdomain.mydomain.com` to the Javascript origin list, which is something I think shouldn't have to (I can't add my subdomains there). – juanignaciosl Jan 07 '15 at 17:27
  • I submitted an issue for this at, so please help and vote it up https://code.google.com/p/googleappengine/issues/detail?id=11796 – Derek Perkins Mar 17 '15 at 21:05

1 Answers1

1

Well, it looks like you must add every subdomain (!). See this question, with a workaround hint and this other Google Groups thread.

Community
  • 1
  • 1
juanignaciosl
  • 3,435
  • 2
  • 28
  • 28