FAQ & Troubleshooting
According to the spec of
crypto.subtle(from MDN web docs), this feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
In most browsers, secure origins are origins that match at least one of the following (scheme, host, port) patterns:
(https, *, *)
(wss, *, *)
(*, localhost, *)
(*, 127/8, *)
(*, ::1/128, *)
(file, *, —)
If you're running your application from a secure origin, it's possible that your browser doesn't support the Web Crypto API. For a compatibility table, please check https://caniuse.com/#feat=mdn-api_subtlecrypto
Chrome and some other browsers doesn't allow cross-origin cookies by default. Try allowing cookies and it should work. We are currently working on an alternative solution, get updates by joining our Slack channel.
Yes, we are making our error messages better 😉. In the meantime, a possible cause is not enabling cross-origin cookie. Make sure that it's enabled and you don't have an ad-blocker.
Usually this can be caused by one of the problems below:
- You're not using a valid API_KEY_ID. If you're using one of the example CodeSandbox, make sure you paste in your own API key.
- You are accessing a project from a domain that is not listed in Allowed URLs. Go to your dashboard > Settings > Allowed URLs and check if your current domain is listed. (If you're seeing "*", then all domains should be allowed). Read more here.
Yes, you can extend the styling more than what is available on the dashboard. Check out the styling guide here.
Not as of now. We are looking for a way to allow you to add CNAME configurations to point your domain to us, but it is not yet available. If you need this feature, make a feature request at our Slack channel.
For now, you can change the From Name, like this:
Generally you should follow this:
- width: 300px
- height: 300px
If you're adding Social Login, WhatsApp, or Captcha, make the height 500px.
This can happen if you're using a modal and the modal is not loaded or have
display: nonewhen you are calling
showFormfor older SDK versions). The solution: only show Cotter's form when the div container and it's parents are loaded with a fixed width and visible display.
That is expected! We are an identity provider and this means that whenever a user verifies their email with Cotter, they don't need to re-verify their email again when logging-in to a website that uses Cotter. This is the same concept as Sign in with Google, you don't need to re-enter your password when signing in to Medium or Asana if you're already logged-in with Google. Learn more about how our sign-in works.
Logging Out of Cotter
There are 2 things you need to do to log out your users:
- 1.Log Out from your app. When the user logs in, the JS SDK automatically stores the access_token/refresh_token such that it's always available for the logged-in user. To log out the user from your app, call the SDK's Log Out function or remove any stored access_token/refresh_token from your website or app.
- 2.Log Out from Cotter. Because Cotter is an Identity Provider like Google, after you log out the user from your app following step 1 above, your user can log back in to your app without being asked to re-verify their email if they were active in the past 30 days. If you want the user to be asked to re-verify their email, the user must log out from Cotter (equivalent to logging out of their Google Account). To do this, direct your user to https://js.cotter.app/logout where they can log out from their account.