Unable to sign in using Chrome on desktop

I successfully sign in using Edge on my PC, and Chrome on iPhone. However, when I try to sign in using Chrome on my PC (my preferred browser)…

-I go to https://citystrides.com/users/sign_in
-I click ‘Connect with Strava’
-Boxes are ticked, and I click ‘Authorize’

…and I am simply returned to CityStrides , without the ability to go to any personal menus. I would appreciate help if anyone has had a similar experience.

I love CityStrides, and appreciate all the work that must go into it!

I have absolutely no idea what could be causing this.
There are no errors reported in my error reporting service, and the login flow is a bunch of full page loads (most of the site doesn’t actually fully reload the page via some javascript trickery) so it doesn’t seem like it could be a javascript issue (plus, you’d know if javascript wasn’t working because none of the maps would load).

You could try clearing CityStrides data from the browser:

  • go into Chrome preferences
  • search for “data”
  • click the “manage data” button
  • search for “citystrides”
  • click the row for CityStrides
  • click the “remove selected” button
  • try logging in again

It’s the sso.garmin.com cookie(s).

If I open citystrides in a normal session, I have to delete this cookie in order for the session to pass authentication - otherwise, the session hangs.

Opening CityStrides in an incognito session (in Chrome) works as well.

Next time it hangs, I’ll check the console for error messages.

As a workaround on the “hanging” screen, clear the cookies in Chrome:

… Click on the little “lock” next to the URL
… Click Cookies
… Find sso.garmin.com - select it
… Click “Remove”

Reload the page and the login page should display.

Thank you very much for this. Chrome incognito mode works well!
However, in regular mode I have followed the instructions and cannot find an sso.garmin.com cookie anywhere there, including in the subfolder, so the issue persists in regular mode.


1 Like

Try finding it a different way:

In Chrome, click on the “three dots” in the top right and select “Settings”
Click “Privacy and Security” (on the left)
Click “Cookies and other site data”
Scroll down and click “See all cookies and site data”
Near the top of the page, there should be an option to “Search Cookies”. Click on that and enter “sso.garmin.com”.
Click on “sso.garmin.com” (assuming it appears in the results) and click “Remove All”.
Close settings and reload the CityStrides page.

I have a feeling that one of the cookies is expiring (there are two that are set to expire in 24 hours) and the site is not handling the redirect back to ask for Garmin credentials. It’s essentially getting stuck in limbo. Clearing out the cookie should force the login page once the page reloads.

Followed the instructions, found and deleted the Garmin cookie, reloaded CityStrides, and it still loops back to the sign-in page. Funnily enough, when I opened incognito mode to sign in to the forum to tell you this, incognito seemed to have remembered my credentials (i.e. I was already signed into the forum). So incognito is working wonderfully for my purposes, but I’m happy to continue trying stuff if it will help you figure this out. If it matters, I don’t have a Garmin device.

Thanks again for your help.

ah, ok - so perhaps it’s a different cookie depending on how you’re syncing up your runs to citystrides.

I use Garmin so maybe check to see if there is an sso..com or something similar…

That’s very suspect. It sounds like there was a lingering incognito window that wasn’t previously closed. I’m not aware of any scenario where sign-in status is recalled between incognito sessions.

Yeah, I notice in the first post you mention Strava. So, instead of searching for Garmin cookies you’ll be looking for Strava cookies.

In Chrome you should be able to clear the data by:

  • open up the preferences
  • search for “see all cookies”
  • follow the highlighted text prompts to “See all cookies an site data”
  • use the search cookies for “strava”
  • click the trash can next to any strava-related entries
  • search again for “citystrides” and do the same (skip anything referencing “community.citystrides.com” to remain logged in here)

Then you should be able to log into Strava, and after doing that you should be able to log into CityStrides.

I found an incognito window open on another screen that was turned off, so that explains that…

And removing cookies for Strava and CityStrides has fixed all the problems. Thank you very much.

1 Like


Happened again to me today - seems to happen after a week or two.

I sync with Garmin and it definitely was under the sso.garmin.com site. I deleted individual cookies and it seems the CASMRC or CASTGC cookie, once deleted, allowed me to re-authenticate.

I did manage to capture some of the errors from the console - hope it helps…

I’ve got another idea I can send out in the next release (hopefully tonight). Thanks for the screenshots!


Awesome! I’ll dig around a bit more if it happens again…

Happened again today - Here’s the console output:

JQMIGRATE: Logging is active
gauth-widget.js?20170510_4.49.4.0:1 gauth-widget.js loadGAuth(): source: https://sso.garmin.com/sso/signin?service=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&webhost=https%3A%2F%2Fconnect.garmin.com&source=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&gauthHost=https%3A%2F%2Fsso.garmin.com%2Fsso&locale=en_US&id=gauth-component&cssUrl=https%3A%2F%2Fconnect.garmin.com%2Fstyle.oauth.sso.css%3F4.49.4.0&clientId=GarminConnect&rememberMeShown=true&rememberMeChecked=undefined&createAccountShown=false&openCreateAccount=false&displayNameShown=false&consumeServiceTicket=false&initialFocus=true&embedWidget=false&generateExtraServiceTicket=true&generateTwoExtraServiceTickets=false&generateNoServiceTicket=false&globalOptInShown=false&globalOptInChecked=false&mobile=false&connectLegalTerms=false&showTermsOfUse=false&showPrivacyPolicy=false&showConnectLegalAge=false&locationPromptShown=false&showPassword=true&useCustomHeader=true&mfaRequired=false&performMFACheck=false&rememberMyBrowserShown=true&rememberMyBrowserChecked=false
gauth-widget.js?20170510_4.49.4.0:1 gauth-widget.js loadGAuth(): createAccountUrl: /createNewAccount?service=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&webhost=https%3A%2F%2Fconnect.garmin.com&source=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&gauthHost=https%3A%2F%2Fsso.garmin.com%2Fsso&locale=en_US&id=gauth-component&cssUrl=https%3A%2F%2Fconnect.garmin.com%2Fstyle.oauth.sso.css%3F4.49.4.0&clientId=GarminConnect&rememberMeShown=true&rememberMeChecked=undefined&createAccountShown=false&openCreateAccount=false&displayNameShown=false&consumeServiceTicket=false&initialFocus=true&embedWidget=false&generateExtraServiceTicket=true&generateTwoExtraServiceTickets=false&generateNoServiceTicket=false&globalOptInShown=false&globalOptInChecked=false&mobile=false&connectLegalTerms=false&showTermsOfUse=false&showPrivacyPolicy=false&showConnectLegalAge=false&locationPromptShown=false&showPassword=true&useCustomHeader=true&mfaRequired=false&performMFACheck=false&rememberMyBrowserShown=true&rememberMyBrowserChecked=false
gauth-widget.js?20170510_4.49.4.0:1 gauth-widget.js loadGAuth(): source after check: https://sso.garmin.com/sso/signin?service=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&webhost=https%3A%2F%2Fconnect.garmin.com&source=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&gauthHost=https%3A%2F%2Fsso.garmin.com%2Fsso&locale=en_US&id=gauth-component&cssUrl=https%3A%2F%2Fconnect.garmin.com%2Fstyle.oauth.sso.css%3F4.49.4.0&clientId=GarminConnect&rememberMeShown=true&rememberMeChecked=undefined&createAccountShown=false&openCreateAccount=false&displayNameShown=false&consumeServiceTicket=false&initialFocus=true&embedWidget=false&generateExtraServiceTicket=true&generateTwoExtraServiceTickets=false&generateNoServiceTicket=false&globalOptInShown=false&globalOptInChecked=false&mobile=false&connectLegalTerms=false&showTermsOfUse=false&showPrivacyPolicy=false&showConnectLegalAge=false&locationPromptShown=false&showPassword=true&useCustomHeader=true&mfaRequired=false&performMFACheck=false&rememberMyBrowserShown=true&rememberMyBrowserChecked=false
gauth-widget.js?20170510_4.49.4.0:1 gauth-widget.js loadGAuth(): Calling appendIFrame('https://sso.garmin.com/sso/signin?service=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&webhost=https%3A%2F%2Fconnect.garmin.com&source=https%3A%2F%2Fconnect.garmin.com%2FoauthConfirm&gauthHost=https%3A%2F%2Fsso.garmin.com%2Fsso&locale=en_US&id=gauth-component&cssUrl=https%3A%2F%2Fconnect.garmin.com%2Fstyle.oauth.sso.css%3F4.49.4.0&clientId=GarminConnect&rememberMeShown=true&rememberMeChecked=undefined&createAccountShown=false&openCreateAccount=false&displayNameShown=false&consumeServiceTicket=false&initialFocus=true&embedWidget=false&generateExtraServiceTicket=true&generateTwoExtraServiceTickets=false&generateNoServiceTicket=false&globalOptInShown=false&globalOptInChecked=false&mobile=false&connectLegalTerms=false&showTermsOfUse=false&showPrivacyPolicy=false&showConnectLegalAge=false&locationPromptShown=false&showPassword=true&useCustomHeader=true&mfaRequired=false&performMFACheck=false&rememberMyBrowserShown=true&rememberMyBrowserChecked=false'
chromewebdata/:1 Refused to display 'https://connect.garmin.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
(index):6770 crbug/1173575, non-JS module files deprecated.
(anonymous) @ (index):6770
/favicon.ico:1 Failed to load resource: the server responded with a status of 404 ()
gauth-widget.js?20170510_4.49.4.0:1 gauth-widget.js:  [ERROR event triggered] errorDetails: [No response from the server in 10 seconds.]

Deleted sso.garmin.com cookies and was able to log back in…

:thinking: Interesting. All of this is happening within Garmin’s site(s). I’ll have to get in touch with them to see if they’re aware of the issue.