Silent redirect with long 'payload' query param when accessing app

I’m trying to submit my app to OER Commons, and when I submit the URL, it’s telling me that the URL redirects to: https://latin-morph.streamlit.app/-/login?payload=MTc3OTk3ODIyNXxrSUcxcUdYcmVCeG51czJrMWtqc3FwSmxZYmJiSncwdC1OT0hmYVE4NkxKZlFrckpSMUFMaU9PSHVnMlg2c0lvNDBpdk4tZ0daclNRNkwwaEowTTFsbXc2S1E0UVdlaVVaQklNYnlVeTg1b2FJX3YwTUdZbFRDdXZrTjJPZFZrdW4xLUwybWFVdWdWMWhGdlJtZEQxbFhsazdLaDFDOU9kc3dtc3BWYzlsV1BDbS1CaUdVNlBQNnhDQ0JkcG00Y2FMMHRtWjZUcGpQN3hJWmVYeHVpa3YwMnhnM2F0SlF1Ukx6MVBQR2hqZ2dvV1BrTFhXdjdranpFUWh2aGVTZjg0UDRrdVBEcFQySVlXZ2dLVVhJUkZxd2dVdWF2UmpXbHVaMU0wN1JqV0hoSGdENDFnWEFUNE5XbFNmSlg4aUEwVHozcldvMnNHcmZRZ01BT2R2MkpMNFFMaVNrMG9TOEFTQ2lyR1kySE94MlE0VEpVVjFqbDgySmJiOXVJR2piT0lhTXRvSmRGYVhZMzIwdFV5WVEyT2xQaUZDZWdDRHlsODRreGtQcFpfM19jd2x1QjNOQ0ZpVWt6UEw4Zk5JZG51cTVXcnJFTkZ2dzdTa3YxMi1tMXA4ZzA4S2hUSXdRODJrMHpMQ1VsTUFLNnNwYmtDcXYwRGdGUDRxWmRLNjFVQ0hWdmkwaTFVSVBQcHhZYTRubEpka1E9PXwC0Ea5k8eJL5gHD3XHEMmD6yfGboTE_p1UCVrrp0GJdA%3D%3D

This is understandably too long for it to process, and I also don’t know why it’s happening, since my site does not require a login. I’ve contacted their support team, but I’m not entirely sure that the problem is on their end, since this seems like something Streamlit is doing under the hood. At any rate, it’s a problem.

Welcome to the Streamlit community, and thanks for your detailed question!

The redirect to a login URL with a long payload typically happens when your Streamlit app is set to “private” or “invite-only” on Streamlit Community Cloud. In this mode, unauthenticated users (including bots or external services like OER Commons) are redirected to a login page, which includes a payload for authentication. This is expected behavior for private apps and is not a bug in Streamlit itself. To allow OER Commons (and others) to access your app directly, you need to set your app’s sharing settings to “public” in the Streamlit Community Cloud dashboard. Only public apps can be accessed without authentication and will not trigger this redirect. For more, see the official docs on sharing and collaboration.

Sources:

• https://github.com/streamlit/streamlit/issues/11168
• https://discuss.streamlit.io/t/streamlit-apps-iframing-dont-work-since-the-migration-on-subdomains-based-url-structure/27144

My app IS set to public, and has always been.