#Admin Auth broken in production

The /admin/auth route doesn't set a cookie when running on production.
I am using an nginx reverse proxy, and it doesn't work in the admin panel and it doesn't set any cookies even in postman.

Do you have SSL (https://?

Yes

Redis?

Yes

Read my post here and crosscheck everything: https://github.com/medusajs/medusa/issues/2314#issuecomment-1422429232

• Domains should not be on Public Suffix List: it's a custom .com domain
• SSL certificate on all domains (https): Everything is encrypted, both the admin domain, and the API
• admin, storefront and backend under the same main domain i.e. mydomain.com, backend.mydomain.com, admin.mydomain.com: They are on the same main domain
• COOKIE_SECRET is set: It is set to a 32 character string
• Redis needs to be set up (it acts as express session store): The logs confirm that medusa connects to redis successfully

It might be nginx ssl config

https://github.com/medusajs/medusa/issues/1498#issuecomment-1229122157

Unfortunetly my nginx knowledge is limited

Yeah it was an nginx issue

If i have to guess it was because of the Host header.

this fixed it: https://github.com/medusajs/medusa/issues/1498#issuecomment-1229122157