Mattermost desktop session expired

On both Linux and MacOS desktops, the desktop app is unable to log in to a valid account - constant “session expired, please log in” messages

Steps to reproduce
Install desktop app v 5.22 on Linux or Mac desktop, start and try to connect

Expected behavior
Connected session

Observed behavior
The result is always a message stating session expired and asking me to log in.

I am self hosting server 7.4 and the failure is with v 5.22 of the desktop app - I tried flathub, .deb and appimage versions - all exhibit same behaviour.

**** I can log in ok from any browser running on the same machines and more importantly - I downloaded v 5.02 appimage and logged in successfully so something has changed in the app between 5.02 and 5.22 ****

Hi b3lt3r,

can you please confirm that the URL you’re using for connecting the desktop app to your server is exactly the same URL that is configured in your system as the SiteUrl? Recent desktop app versions automatically redirect you to the configured SiteUrl so if there’s a mismatch of the configured URL in the desktop app and the one the server sends, you will experience issues.
If you’re unsure, please check the value for Site URL in your system console, section EnvironmentWeb Server.


Yes I just checked as you suggested. The site URL in console and the configured server name in desktop and entered in the browser is which is passed by an haproxy frontend to the http address - ie

This lets me use https from outside to reach direct to the mattermost server.


OK, thanks - is there anything special with regards to your HAproxy configuration? Do you drop request headers or the like?

It is very plain indeed -

use_backend mmpg if { ssl_fc_sni -i }

backend mmpg
mode http
server soc-http check

and in the server config:
Server URL
The URL of your Mattermost server. Must start with http:// or https://.

As I said - this works fine with 5.02 of desktop and also any browser - it’s pretty much how all my containers are accessed so that I can use a meaningful name and the SSL is managed by haproxy.


Alright, thanks - just wanted to rule out the obvious things.
Would you mind sharing the logfiles of your desktop app when you start it and after you’ve reproduced the problem? You can find them in one of the following locations (depending on your installation method):

Of course, happy to do that. When I have the file(s), how would you like them?

I have 3 files:
5.0.2 appimage
5.2.2 appimage
5.2.2 tar


You mean you zipped/packed the logs folder and this is the resulting file? I’m not using OSX here, but there should be one or two files in the logs folder which we’re interested in. If you want to zip them, go for it.
Can you maybe share a screenshot of what you’re seeing in the logs directory if this is unclear?


I’m on Linux not MacOS (although the symptom is the same there as well). in the directory .config/Mattermost/logs there is only one file - main.log

What I did was clear the log, then run the login cycle with each of the 3 app flavours and save, then clear and do the next.

How would you like the 3 files sent?


If possible, upload them as attachment here - if you want to DM them to me, you should also be able to do that here. Not sure what else I could offer you here, if you’re on, you can also DM them to me there or you can use tools such as and DM me the password to the links.

For whatever reason, I cannot upload to here. I’ve put the files in my cloud drive - link is:

please let me know if you want anything else.


  • Resolved *


I noticed a very brief flash on the screen sometimes when starting the app and kept doing it until I was able to get a screenshot. It said that this server had no sign-in method enabled which was clearly not the case but it started me thinking.

I spent the morning trying various things and changed settings in haproxy. When looking I noticed a line of config I have to enable Nextcloud to run inside an iframe in a different site which has been running for 2 yrs now. I commented, restarted haproxy and immediately was able to login with desktop 5.22.

For completeness, the offending line was: http-response replace-header Set-Cookie “(.*)” “\1; SameSite=None”

My guess is that this was causing the credentials not to be maintained in the session and hence the expired message…

So - many thanks for your support in attempting to resolve - it is appreciated!


Hi again,

thanks for letting us know what the reason was and I did expect something like this, which is why I asked for the haproxy config :slight_smile: Anyways, I’m marking this as solved now.

1 Like