Skip to main content
Question

Plugin SDK with Retool / Google Sign In

  • November 12, 2025
  • 8 replies
  • 89 views
authentified-dave
Forum|alt.badge.img

I am attempting to build a sidebar plugin in Retool so I can utilise all of my existing modules, components, and queries so I can surface important contextual information for my CS team.

We all use Google sign in to login to our Retool apps, and we are having a few problems inside Front’s sidebar due to third party cookies.

The native Retool sign in screen does not/cannot pop up the Sign in with Google page so I get the below 403 error when I click “Sign in with Google”

 

 

I have now tried to create a public Retool app, that just has a single “Sign in with Google” button on it (which is just a Retool button), which calls the following script on click:

 

console.log("Front.openUrlInPopup", Front.openUrlInPopup)

Front.openUrlInPopup("https://{mydomain}.retool.com/googlelogin", {
  width: 600,
  height: 800,
})

When I load that into the sidebar, the console.log runs (I toggled on the dev tools in Front) and I can see the Front.openUrlInPopup method showing just fine, but nothing happens/the function doesn’t run and no popup appears.


I have already read everything in this thread:

 

Look for a bit of guidance to help make this happen

8 replies

E
Forum|alt.badge.img+5
  • evano
  • Fronteer
  • November 13, 2025

Hi there!

That linked article’s deep dive is fairly exhaustive in which options are available and includes one that doesn’t use pop-ups.  The key takeaway for that one being the importance of this cookie option:

https://github.com/dugjason/nextauth4-front-plugin/commit/f5d29c5b8429847f1078b838954b3535c47c2af4#diff-cd41b427b38a554f9a1a2d2e848e41ddc39bc7d68dba54c1398d7384d6aaf4f7R6


And also our documentation for Replacing third-party cookies in Front plugins:

 
Your provided example still uses openUrlInPopup, so I’d like to confirm your team has considered all the options discussed here:


If there’s a reason the options beyond Jason’s first suggestion don’t work, would you please let us know what difficulties you’re having with those?

Evan - Lead Technical Support Engineer
E
Forum|alt.badge.img+5
  • evano
  • Fronteer
  • November 13, 2025

Also, quick followup.  A popup won’t open if the domain isn’t valid.  Given the provided code stub

"https://{mydomain}.retool.com/googlelogin"

should be:

`https://${mydomain}.retool.com/googlelogin` if mydomain is a variable.

Evan - Lead Technical Support Engineer
authentified-dave
Forum|alt.badge.img

Also, quick followup.  A popup won’t open if the domain isn’t valid.  Given the provided code stub

"https://{mydomain}.retool.com/googlelogin"

should be:

`https://${mydomain}.retool.com/googlelogin` if mydomain is a variable.


It’s not a variable I was just hiding my Retool domain :) So the fully qualified domain is there, it’s just not working at all.

    authentified-dave
    Forum|alt.badge.img

    Hi there!

    That linked article’s deep dive is fairly exhaustive in which options are available and includes one that doesn’t use pop-ups.  The key takeaway for that one being the importance of this cookie option:

    https://github.com/dugjason/nextauth4-front-plugin/commit/f5d29c5b8429847f1078b838954b3535c47c2af4#diff-cd41b427b38a554f9a1a2d2e848e41ddc39bc7d68dba54c1398d7384d6aaf4f7R6


    And also our documentation for Replacing third-party cookies in Front plugins:

     
    Your provided example still uses openUrlInPopup, so I’d like to confirm your team has considered all the options discussed here:


    If there’s a reason the options beyond Jason’s first suggestion don’t work, would you please let us know what difficulties you’re having with those?

     

    Thanks for replying!

    We aren’t using Next so I’m not sure if that code block is relevant? I’d like to avoid Next if I can (we do use Next for other things), are you suggesting we could have some kind of Next app that sits in the middle as the plugin which then redirects to our Retool app after login is successful?

    E
    Forum|alt.badge.img+5
    • evano
    • Fronteer
    • November 17, 2025

    Ah!  Partitioned cookies are a framework agnostic part of the HTTP standard:

    https://developer.mozilla.org/en-US/docs/Web/Privacy/Guides/Privacy_sandbox/Partitioned_cookies

    I'm not entirely certain how you would incorporate this into Retool. Do you have any frameworks that you are specifically using for this plugin? Or do you have a code stub where you're setting cookies?

    Evan - Lead Technical Support Engineer
    authentified-dave
    Forum|alt.badge.img

    I’ve created a feature request with Retool, the more I dig the more I believe this lies with them to do as the issue (I think) is with the oauth2XsrfState cookie that’s being set by Retool

    https://community.retool.com/t/partitioned-cookies/63196

    E
    Forum|alt.badge.img+5
    • evano
    • Fronteer
    • November 18, 2025

    Looks like a good report!  I’d super appreciate an update here when you hear back. 🙏🏻

    Evan - Lead Technical Support Engineer
    Javier - Developer Relations
    Forum|alt.badge.img+9

    Hi ​@authentified-dave,

     

    Did this end up being an issue on the Retool side?

    Javier - Front Developer Relations
    Terms & ConditionsCookie settingsAccessibility statement