REST API different behavior between Web Preview and iOS preview app

I believe the iOS preview app may be dropping my HTTP Authorization headers, and I don’t know why.

My Setup:
I have connected appgyver with a Cloud Firestore backend.

I’m using the Firebase Auth REST API for Sign in which passes an idToken for authorization purposes.

Using the web app preview portal, my app successfully passes the received idToken back through the Authorization HTTP header which works with the simple Firestore read/write rules I have set up.

However, something fails in the iOS preview app. The data is not retrieved from the database using the iOS preview app.

My best guess is the react native iOS implementation isn’t sending the Authorization header during the HTTP call. This would cause the GET request from the iOS device to fail with a “permission denied.” I suspect this because when I relax the Firestore read/write security rules so they do not require authentication, the data is indeed retrieved by the iOS preview app.

Again, everything in the REST API works fine in the web preview, but the iOS preview app fails.

This issue may be similar to this one but I’m just not sure and I’m hoping for a simpler solution.

I have tried fiddling with leading and trailing slashes ‘/’ as suggested elsewhere.

One other solution may be ensuring the correct appgyver domain is in Firebase’s Authorized Domains. Does the iOS preview app use a different domain than or or

My app is 189362.

Hi! Sorry for the delayed answer – are you still experiencing problems with this? What version of the preview app are you using (you can see this when you open the (logged in) preview app and click on your email address)?

Hi. I am still experiencing this issue with runtime version 2.4.33.

In one of the Firebase REST API tutorials, the GET RECORD relative path in the Appgyver Data Configurator was indicated to be something like

The important bit there is the dot-slash “./” in the middle.

The web preview gracefully handled the relative path and displayed the correct database information.
The iOS preview app stumbled on the dot-slash and wouldn’t connect to the database if the Authorization permissions were set to anything other than wide open.

When I removed the dot-slash, the web app preview and iOS preview both connected to the database even with Authorization permissions set.

Summary: I got rid of erroneous characters in the relative path of the REST API in the data configurator.


I struggled for days trying to make the behaviour between web preview and app preview the same. I wish I had seen your post earlier. Made the change and everything is correct now.

At some point I must have copied the extra dot-slash from a tutorial just to make my query work. Works fine without it.