Issue with OpenCart multi-store authorization on subdomains.

I have an online store with subdomains like .site.ru, and when authorizing through Oneall, the redirect goes to the main site site.ru, so logging into the account does not happen on .site.ru. I did not find in the documentation how to fix the reverse redirect.

Answers

  • Seems like the session isn't persisting across subdomains, which is why logging in on .site.ru redirects to site.ru without maintaining authentication. Here are a few things you can check:

    1. Cross-Subdomain Cookies – Ensure cookies are set for the entire domain (.site.ru) instead of a specific subdomain. In PHP, for example:
      php session_set_cookie_params(['domain' => '.site.ru']);
    2. OneAll Callback Settings – Check if OneAll allows specifying subdomains for redirects. If it's defaulting to the main domain, you may need to adjust the return URL dynamically.
    3. CORS and SameSite Attributes – Some authentication systems require proper CORS settings and SameSite=None; Secure attributes in cookies for cross-subdomain logins.
    4. OAuth Flow with Subdomains – If OneAll is using OAuth, verify if the redirect URI can be configured per subdomain rather than a fixed main domain.

    If the documentation doesn’t explicitly mention subdomains, try reaching out to OneAll support or checking their API settings for custom callback URLs.

Welcome!

Please sign in to your OneAll account to ask a new question or to contribute to the discussions.

Please click on the link below to connect to the forum with your OneAll account.