Disable "Secret(optional)" the right way

I made a thread here:

But it is less likely to get answered on the yunohost forum.

I also found this ticket:

and tried to follow the instructions, but I think I’m doing something wrong.

Copy/Paste from my other thread:

Which says the config is here:


and the actual .env file is here:


I went into both files to remove the API_Secret but in both of them it says:

[ XXX is meant to be read-only ]

So I removed it regardless. Rebooted the server, but I am still getting the error:

403: Invalid secret on login

How do I remove the Secret from the login properly?

After changing the .env file you may need to run php artisan optimize

thank you.

For anyone using Yunohost:

  1. Remove the app secret from both places listed above
  2. Run: php8.1 artisan optimize
  3. Restart the server

It works.

1 Like