luminateExtend - GetUser works but IsUserInterested fails with code 14 after apparent timeout

Options
Brian Mucha
Brian Mucha
Ancient Membership Facilitator 4 Name Dropper Photogenic
in Blackbaud Luminate Online® & Blackbaud TeamRaiser® Discussions
I have a project that calls GetUser, and then calls IsUserInterested in the getuser_success callback.


After sitting idle for a while, sometimes IsUserInterested will fail with error 14 - Method not allowed.


Even after redirecting to the login page it will continue to fail, until the browser is closed and reopened. I've tried deleting luminateExtend.global.auth before that login, but no go.


Why would GetUser work, but then IsUserInterested not? Seems like a problem with the session, but I can even get and save interactions with no problem, just not IsUserInterested. Weird, right?


BPM
Tagged:

Comments

  • Daniel Hartanto
    Daniel Hartanto
    Ancient Membership Facilitator 2 Name Dropper Photogenic
    on mine, getUser would always work, but when I call getUserGroups I always got that error 14 saying Get failed: getting a record is not allowed for the caller. The login session is active not even timing out, but I am never able to call that API. I am using Luminate Extend 1.8.3


    And now on top of that, the S45 tag alternative to check if one is a member of LO group no longer works if called within iframe (this is in light of the new SameSite policy, and JSESSIONID is being flagged as non compliant as it has no SameSite attribute value defined (and in this particular one I guess in order for that to work cross domain it needs to be set to None and Secure)
  • Noah Cooper
    Noah Cooper
    Ancient Membership Facilitator 4 Name Dropper Photogenic
    Just to confirm, are you setting requiresAuth to true?
  • Daniel Hartanto
    Daniel Hartanto
    Ancient Membership Facilitator 2 Name Dropper Photogenic
    Hi Noah,


    Yes, I have the
    requiresAuth: true

    alongside useHTTPS: true


    I also have another question, whether the 1.8.3. still take this requestType: 'POST' ?


    Thank you in advance for your help and time Noah!


    ADD ON:

    I should probably add additional context
    1. The pagebuilder where I put this LO API call is being embedded in an iframe for external websites.
    2. I am experiencing where some API returning error 14 while the other is fine. And with some browser has that SameSite by default (Chrome 84, Safari 13) this is where I get most of that occuring. In Safari 13 more importantly, I even have the getUser returning error 14.
    This is the external website where I use this iframe and postMessage communication to allow some kind of Single Sign On application (at the time of we came up with this solution, we maxed out on the IP whitelisting, so that site can't write the API directly, hence the iframe/postMessage combination) -- if you see the login, registration, subscribe they are all LO pages.


    At this moment, I can't even use the loginTest API to enable that seamless going between LO and that site when one is logged in and doesn't have to relogin in between. Also some of the S-tag stops working to when rendered within iframe (i.e. S45, S1 value, while conditional based on S1 still works but not rendering say if I need to see the cons_id of the logged in user.


    These all were working fine prior this SameSite.

    https://www.diabetesfoodhub.org/



    regards,

    Daniel
  • Daniel Hartanto
    Daniel Hartanto
    Ancient Membership Facilitator 2 Name Dropper Photogenic
    attaching screengrab from the XHR logs and the actual API call snippet, plus more context on my original reply above.

Categories