We’re attempting to switch one of our Dynamic Content Macros to Cacheable app iframes.
(FYI - the app uses
firstname.lastname@example.org, which should support cacheable iframes)
As a first step, we successfully removed all context params previous passed in the app’s URL (e.g.
macroId), and replaced them with a client-side
AP.context.getContext() call to fetch these params.
Next, we replaced the URL for
all.js to https://connect-cdn.atl-paas.net/all.js, rather than loading from relative to the tenant base URL.
At this point (before enabling the all-important
cacheable: true in our app’s descriptor), we tested the above changes to confirm that the app continues to function as normal, which it does.
As expected, the iframe URL at this point still includes all of the context params (
xdm_e etc.), including the
jwt token used to authenticate the request.
"cacheable": true into the app descriptor, the iframe URL no longer contains any context params (as expected).
However, our app now fails to load, with the message “Unauthorized: Could not find authentication data on request”.
Looking through the ACE source, this message appears to come from the
extractJwtFromRequest() function, when it fails to find a JWT token in either the query, request body, or
authorization request header.
Obviously we’ve missing something, but we can’t see anything in the Cacheable app iframes guide that we’ve missed.
Any help would be greatly appreciated.