Hello, We will be fixing this problem for the next studio release where you can follow from this link https://abp.io/docs/latest/studio/release-notes
Until we release a fix, you can follow these steps to make your application work. I will also be sending a sample project having the same fixes.
Environment.ts to separate the authentication flow from the host application as follows// ...
// Separate the API and AuthServer URLs
const apiUrl = `http://${yourIP}:44331`;
const oAuthIssuer = `http://${yourIP}:44327`;
const dev = {
apiUrl,
appUrl: `exp://${yourIP}:19000`,
oAuthConfig: {
issuer: oAuthIssuer,
clientId: 'Ticket9786_Mobile',
scope: 'offline_access Ticket9786',
},
localization: {
defaultResourceName: 'Ticket9786',
},
} as Environment;
const prod = {
apiUrl,
appUrl: `exp://${yourIP}:19000`,
oAuthConfig: {
issuer: oAuthIssuer,
clientId: 'Ticket9786_Mobile',
scope: 'offline_access Ticket9786',
},
localization: {
defaultResourceName: 'Ticket9786',
},
} as Environment;
// ...
UseAuthAndTokenExchange.ts as followsimport * as WebBrowser from 'expo-web-browser';
import { store } from '../store';
import AppActions from '../store/actions/AppActions';
import PersistentStorageActions from '../store/actions/PersistentStorageActions';
import { getEnvVars } from '../../Environment';
import { makeRedirectUri } from 'expo-auth-session';
const {
oAuthConfig: { issuer, clientId, scope },
} = getEnvVars();
const useAuthAndTokenExchange = navigation => {
const handleAuthentication = async () => {
try {
// For tiered architecture: open AuthServer in browser
// AuthServer will handle OAuth and redirect back to React Native
const redirectUri = makeRedirectUri();
const authUrl =
`${issuer}/connect/authorize?` +
`client_id=${clientId}&` +
`redirect_uri=${encodeURIComponent(redirectUri)}&` +
`response_type=code&` +
`scope=${encodeURIComponent(scope)}&` +
`state=${Math.random().toString(36).substring(7)}`;
const result = await WebBrowser.openAuthSessionAsync(authUrl, redirectUri);
if (result.type === 'success') {
// Parse the redirect URL to get authentication data
const url = new URL(result.url);
const code = url.searchParams.get('code');
if (code) {
// For tiered architecture, we need to establish the authenticated session
// This could be by exchanging the code for a token, or by getting user context
// Option 1: Exchange code for token (if the app needs to make API calls)
try {
const tokenEndpoint = `${issuer}/connect/token`;
const tokenResponse = await fetch(tokenEndpoint, {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: new URLSearchParams({
grant_type: 'authorization_code',
client_id: clientId,
code: code,
redirect_uri: redirectUri,
}).toString(),
});
if (tokenResponse.ok) {
const tokenData = await tokenResponse.json();
// Store the token for future API calls
store.dispatch(
PersistentStorageActions.setToken({
token_type: tokenData.token_type || 'Bearer',
access_token: tokenData.access_token,
refresh_token: tokenData.refresh_token,
expire_time: new Date().valueOf() + tokenData.expires_in * 1000 || 0,
scope: tokenData.scope,
}),
);
// After establishing the session, fetch app config to get current user
store.dispatch(AppActions.fetchAppConfigAsync({ showLoading: false }));
navigation.navigate('Home');
} else {
console.error('💥 Failed to establish authenticated session');
}
} catch (error) {
console.error('💥 Error establishing authenticated session:', error);
}
} else {
console.error('💥 No authorization code in redirect URL');
console.error('💥 Full redirect URL:', result.url);
}
} else if (result.type === 'cancel') {
console.log('🚀 ~ Auth cancelled by user');
} else {
console.log('🚀 ~ Auth result type:', result.type);
}
} catch (error) {
console.error('💥 Error in authentication flow:', error);
}
};
return { handleAuthentication };
};
export default useAuthAndTokenExchange;
// src/YourProject.DbMigrator/appsettings.json
{
"ConnectionStrings": {
"Default": "mongodb://localhost:27017/Ticket9786"
},
"Redis": {
"Configuration": "127.0.0.1"
},
"OpenIddict": {
"Applications": {
// ...
},
"Ticket9786_Mobile": {
"ClientId": "Ticket9786_Mobile",
"RootUrl": "exp://192.168.1.39:19000"
},
"Ticket9786_BlazorServer": {
"ClientId": "Ticket9786_BlazorServer",
"ClientSecret": "1q2w3e*",
"RootUrl": "https://localhost:44385"
},
"Ticket9786_Swagger": {
"ClientId": "Ticket9786_Swagger",
"RootUrl": "https://localhost:44331/"
}
}
}
}
#if DEBUG
PreConfigure<OpenIddictServerBuilder>(options =>
{
options.UseAspNetCore()
.DisableTransportSecurityRequirement();
});
#endif
// src/YourProject.AuthServer/appsettings.Development.json
{
"Kestrel": {
"Endpoints": {
"Http": {
"Url": "http://0.0.0.0:44327"
}
}
}
}
// src/YourProject.HttpApi.Host/appsettings.Development.json
{
"Kestrel": {
"Endpoints": {
"Http": {
"Url": "http://0.0.0.0:44331"
}
}
},
"AuthServer": {
"Authority": "http://192.168.1.39:44327",
"MetaAddress": "http://192.168.1.39:44327",
"RequireHttpsMetadata": false,
"Audience": "Ticket9786"
}
}
You can let us know if you need further assistance. Thank you for your cooperation.
Hello again,
Thank you for providing extra details. I have duplicated the same problem on my end. I am investigating further and will be getting back to you soon.
Thank you again for your cooperation.
Thank you for sharing a sample. Could you also try these instead for the application config
provideAbpCore(withOptions({
environment: environment.abpConf,
registerLocaleFn: registerLocale(),
})),
provideAbpOAuth(),
// CoreModule.forRoot({
// environment: environment.abpConf,
// registerLocaleFn: registerLocale(),
// }).providers!,
// AbpOAuthModule.forRoot().providers!,
We will provide full support for this builder in the next version. Please note that Angular may be incompatible with the latest updates in comparison to our packages.
At the same time, we will review related packages that could potentially cause issues in upcoming patch releases, without waiting for the next major version. You can follow the progress here: https://github.com/abpframework/abp/releases
Thank you for providing extra details. However, I do not replicate the same problem on my side.
Could you try downgrading the angular version to 20.0.x then use the 5.8.x version for the typescript version?
If you need further assistance, you can also send a minimal example to this address: sumeyye.kurtulus@volosoft.com.
Thank you again for your cooperation.
I have checked the versions you provided. First of all, you need to use the angular version 20.0.x for ABP version 9.3.x.
Also, I am assuming that you have been using the latest angular build system application builder. Could you also provide your angular.json?
I also would like to inform that you can follow these documentations while updating https://abp.io/docs/latest/release-info/release-notes#9-3-2025-06-17 https://abp.io/docs/latest/release-info/migration-guides
Hello, I will be checking and getting back to you now. Thank you for your cooperation.
Hello again, I am sorry for sending over the wrong e-mail address. Could you please forward that here this address: sumeyye.kurtulus@volosoft.com
Hello,
We are sorry for getting back this late. Could you try using this key SUPPRESS_UNSAVED_CHANGES_WARNING to override the default behavior for the touched forms
// app.module.ts or app.config.ts
providers: [
{
provide: SUPPRESS_UNSAVED_CHANGES_WARNING,
useValue: false,
}
]
You can let us know if you need further assistance. Thank you for your cooperation.
Hello,
I cannot produce the same problem on my end after running such command using the latest ABP version
abp generate-proxy -t ng -url https://localhost:[yourPort] -m saas
Could you send me a minimal, reproducible example so that I could assist you further. Here is my e-mail address: sumeyye.kurtulus@gmail.com.
Thank you for your cooperation.
Hello again,
Thank you for providing logs. As far as I see, there is no problem on backend side. I suspect the gateway configurations declared in gateways/mobile/MyProjectName.MobileGateway/appsettings.json
Can you try updating the ClusterId for AbpApi route to AuthServer that may solve your problem?
{
"App": {
"CorsOrigins": "",
"HealthCheckUrl": "/health-status"
},
"AuthServer": {
"SwaggerClientId": "SwaggerTestUI"
},
"ElasticSearch": {
"IsLoggingEnabled": true,
"Url": "http://localhost:9200"
},
"Swagger": {
"IsEnabled": true
},
"ReverseProxy": {
"Routes": {
"AbpApi": {
"ClusterId": "AuthServer", // You may need to check here
"Match": {
"Path": "/api/abp/{**catch-all}"
}
},
"SettingManagement": {
"ClusterId": "Administration",
"Match": {
"Path": "/api/setting-management/{**catch-all}"
}
},
"FeatureManagement": {
"ClusterId": "Administration",
"Match": {
"Path": "/api/feature-management/{**catch-all}"
}
},
"PermissionManagement": {
"ClusterId": "Administration",
"Match": {
"Path": "/api/permission-management/{**catch-all}"
}
},
"Saas": {
"ClusterId": "Saas",
"Match": {
"Path": "/api/saas/{**catch-all}"
}
},
"SaasSwagger": {
"ClusterId": "Saas",
"Match": {
"Path": "/swagger-json/Saas/swagger/v1/swagger.json"
},
"Transforms": [
{ "PathRemovePrefix": "/swagger-json/Saas" }
]
},
"OpenIddict": {
"ClusterId": "Identity",
"Match": {
"Path": "/api/openiddict/{**catch-all}"
},
"AuthorizationPolicy": "Anonymous"
},
"AdministrationSwagger": {
"ClusterId": "Administration",
"Match": {
"Path": "/swagger-json/Administration/swagger/v1/swagger.json"
},
"Transforms": [
{ "PathRemovePrefix": "/swagger-json/Administration" }
]
},
"Account": {
"ClusterId": "AuthServer",
"Match": {
"Path": "/api/account/{**catch-all}"
}
},
"AccountAdmin": {
"ClusterId": "AuthServer",
"Match": {
"Path": "/api/account-admin/{**catch-all}"
}
},
"AuthServerSwagger": {
"ClusterId": "AuthServer",
"Match": {
"Path": "/swagger-json/AuthServer/swagger/v1/swagger.json"
},
"Transforms": [
{ "PathRemovePrefix": "/swagger-json/AuthServer" }
]
},
"Identity": {
"ClusterId": "Identity",
"Match": {
"Path": "/api/identity/{**catch-all}"
},
"AuthorizationPolicy": "Anonymous"
},
"IdentitySwagger": {
"ClusterId": "Identity",
"Match": {
"Path": "/swagger-json/Identity/swagger/v1/swagger.json"
},
"Transforms": [
{ "PathRemovePrefix": "/swagger-json/Identity" }
]
}
},
"Clusters": {
"AuthServer": {
"Destinations": {
"AuthServer": {
"Address": "http://yourIP:44392/"
}
}
},
"Administration": {
"Destinations": {
"Administration": {
"Address": "http://yourIP:44300/"
}
}
},
"Saas": {
"Destinations": {
"Saas": {
"Address": "http://yourIP:44301/"
}
}
},
"Identity": {
"Destinations": {
"Identity": {
"Address": "http://yourIP:44381/"
}
}
}
}
}
}
If this does not solve your problem, you can send me a minimal reproducible example to investigate further. Here is my email address: sumeyye.kurtulus@volosoft.com.
