Skip to content

bug(self-hosting): Chrome extension login fails on self-hosted instances (missing CAP_CHROME_EXTENSION_ID) #1993

Description

@jerryno6

Bug Description

When self-hosting Cap using the default Docker Compose templates (docker-compose.yml or docker-compose.coolify.yml), logging in via the Chrome extension fails with a 400 Bad Request or an HttpApiDecodeError indicating redirectUri validation issues.

Steps to Reproduce

  1. Deploy Cap using the self-hosted Docker templates.
  2. Configure the Chrome Extension's Cap URL to point to your self-hosted instance (e.g., https://cap.yourdomain.com).
  3. Click "Log In" in the extension.
  4. The extension attempts to authenticate against /api/extension/auth/start but receives a 400 Bad Request / failure.
  Could not reach Cap extension auth at https://cap.yourdomain.com. Start the local web server with pnpm dev:extension and make sure the extension Options Cap URL is
  https://cap.hapytek.com. Redirect URI: https://fefjaffcodfiogbbngmjkcjpbpclbdcp.chromiumapp.org/. 400

Technical Context

In packages/env/server.ts, the environment variable CAP_CHROME_EXTENSION_ID is used to validate the authorized Chrome extension ID. However:

  • CAP_CHROME_EXTENSION_ID is not mapped to the container in docker-compose.yml or docker-compose.coolify.yml under the cap-web service.
  • The parameter is undocumented and missing from the env template files (e.g., docker-compose.coolify.env.example), making it impossible for self-hosted instances to authorize Chrome extension logins out-of-the-box.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions