AConvex Auth Not Working Across Subdomains?
Question:
Is there a way to make Convex Auth sessions work across subdomains? I found issue #162 where @thomasballinger mentioned "wouldn't be hard to make work for cookies" but no solution was provided.
This is my setup:
Architecture:
- Main marketing app at datacrunch.site handles unified authentication
- 8 separate Next.js apps on subdomains: app.datacrunch.site, admin.datacrunch.site,
work.datacrunch.site, etc.
- All apps share the same Convex backend instance
- Users authenticate once on main domain, should access all subdomains without re-auth
Current Flow:
1. User visits app.datacrunch.site/dashboard
2. Consumer app middleware redirects to datacrunch.site/login
3. User authenticates with Google OAuth via Convex Auth
4. Marketing app redirects to app.datacrunch.site/dashboard
5. Problem: Consumer app middleware shows isAuthenticated: false and redirects back to
login (infinite loop)
Investigation Results:
- Cookie convex-auth exists with domain .datacrunch.site
- Cookie is accessible on subdomain
- BUT cookie has no value when read on subdomain
- Logs show: allCookies: [ { name: 'convex-auth', hasValue: false } ]
Code Setup:
// Both apps use convexAuthNextjsMiddleware
const isAuthenticated = await convexAuth.isAuthenticated(); // false on subdomain
Environment:
- Next.js 14
- @convex-dev/auth latest
- Production deployment on Vercel
- Verified all apps use same NEXT_PUBLIC_CONVEX_URL
Any guidance on subdomain auth or workarounds would be greatly appreciated!
Is there a way to make Convex Auth sessions work across subdomains? I found issue #162 where @thomasballinger mentioned "wouldn't be hard to make work for cookies" but no solution was provided.
This is my setup:
Architecture:
- Main marketing app at datacrunch.site handles unified authentication
- 8 separate Next.js apps on subdomains: app.datacrunch.site, admin.datacrunch.site,
work.datacrunch.site, etc.
- All apps share the same Convex backend instance
- Users authenticate once on main domain, should access all subdomains without re-auth
Current Flow:
1. User visits app.datacrunch.site/dashboard
2. Consumer app middleware redirects to datacrunch.site/login
3. User authenticates with Google OAuth via Convex Auth
4. Marketing app redirects to app.datacrunch.site/dashboard
5. Problem: Consumer app middleware shows isAuthenticated: false and redirects back to
login (infinite loop)
Investigation Results:
- Cookie convex-auth exists with domain .datacrunch.site
- Cookie is accessible on subdomain
- BUT cookie has no value when read on subdomain
- Logs show: allCookies: [ { name: 'convex-auth', hasValue: false } ]
Code Setup:
// Both apps use convexAuthNextjsMiddleware
const isAuthenticated = await convexAuth.isAuthenticated(); // false on subdomain
Environment:
- Next.js 14
- @convex-dev/auth latest
- Production deployment on Vercel
- Verified all apps use same NEXT_PUBLIC_CONVEX_URL
Any guidance on subdomain auth or workarounds would be greatly appreciated!
Join the Convex Discord! Explore Convex, the backend platform that keeps your app in sync.
15,138Members
Resources
Similar Threads
Was this page helpful?
