Unable to sign in (sign-in loop)
The most common cause is that the browser fails to persist the sign-in session, so subsequent requests are still treated as unauthenticated.
Typical symptoms:
- The sign-in request returns 200 OK
- But after refresh you end up back on
/signin(or you keep going through/auth/redirectand returning to the sign-in page) - Backend logs look normal, but you still can’t stay signed in
Why this happens
Section titled “Why this happens”Maia uses a cookie-based session to store your authentication state. If the session cookie is marked Secure, the browser will only store and send that cookie over HTTPS.
If you access Maia over plain HTTP (for example, http://<IP>:3690), the browser may refuse to store the cookie. This results in a sign-in loop where the request “succeeds”, but you are immediately redirected back to the sign-in page.
Maia provides an environment variable to control this behavior:
SESSION_COOKIE_SECURE=true|false|auto
Recommended settings:
- Public HTTPS (reverse proxy / load balancer): set
SESSION_COOKIE_SECURE=auto - Strictly internal-only and intentionally HTTP: set
SESSION_COOKIE_SECURE=false(not recommended for Internet-facing deployments)
Setup the environment variable
Section titled “Setup the environment variable”Add SESSION_COOKIE_SECURE=auto to your .env.production file:
SESSION_COOKIE_SECURE=autoRecreate the container
Section titled “Recreate the container”Setting SESSION_COOKIE_SECURE=... in .env.production does not necessarily mean it will be injected into the container automatically. Make sure your docker-compose*.yml passes it into the maia service via environment: or env_file:.
If you build the image from source:
docker compose --env-file .env.production up -d --build --force-recreateIf you are using the release compose file:
docker compose -f docker-compose.release.yml --env-file .env.production up -d --force-recreateIf everything is configured correctly, you should be able to sign in successfully and the sign-in loop will stop.