How to maintain Memberstack authentication when redirecting users from WordPress to Webflow after email verification?
GM Everyone - need some expert advise this early Friday morning from you pros! 🙂 (High-level summary) - We are trying to connect our memberstack registration and onboarding flow thats working perfectly on our webflow site to our multiple lead-gen wordpress sites so all new user registrations flow into memberstack. We are running into some problems. Here is the (technical breakdown of the issue) Two sites are using the same Memberstack Live App ID Site 1(WordPress), Site 2(Webflow)
Signup happens on https://influencerspanama.com/es/creadores-test/ (WordPress).
Post-verify redirect (internal) → /es/onboarding/step1 on Panama, which immediately forwards to https://app.latamugc.com/es/onboarding/step1 (Webflow).
What works
Step 1: Signup saves correctly in Memberstack.
Plan assignment + verify email are sent as expected.
Problem (after email verification)
When the user clicks the verify link and lands on the influencerspanama.com handoff page, the Memberstack session often isn’t available (memberstack undefined / “ms not loaded”), so when forwarded to app.latamugc.com/es/onboarding/step1 they see Login/Signup instead of the onboarding form.
We’ve also seen app.latamugc.com page previously load without the Memberstack JS (so even with a session it wouldn’t be recognized).
What we already tried
- Ensured same App ID (Live) on both sites; Cross-Domain Login = ON with both domains allowed.
- Handoff page waits for memberstack.getCurrentMember() before redirecting; cleans ? member=...&forceRefetch=true.
- Removed duplicate scripts where found; tested with cache/CDN cleared; tested direct forward vs. intermediate page.
- Considered/attempted SSO and iframe (iframe blocked/unreliable for auth).
Suspected root on Panama
Memberstack JS not initializing reliably on /es/onboarding/step1 (seen duplicate loads and/or optimization plugins deferring the script), so the session isn’t refreshed right after verify.
Expected behavior
After verify → Panama handoff loads Memberstack, session is present, then forward to LATAM where onboarding shows (no extra login).
Comments
5 comments
Hey Chad,
Currently cross-domain logins only work for domains which share the same root domain as per the documentation. For e.g.: it will work if both the sites are app.website.com and website.com but not if its app.website.com and someotherwebsite.com.
Is this requirement fulfilled in your cross-domain login setup?
Thanks A J actually only trying to do registrations and not logins from our country sites. Does this help? The goal is for them to do step.1 registration, they get our memberstack transactional email with the link to verify their email which opens up the original memberstack plan URL to complete onboarding.
The domain the user registers on, they can also login on that domain (I understand you don't offer that feature there), but technically if they register on root domain A and click on verify email which takes them to a handoff page on the root domain A and are then directed to root domain B, then the user will be asked to login again (since currently cross-domain login is possible only if root domain is same).
So, in case, both your sites share the same root domain, the signup --> verify --> handoff page --> the actual onboarding page on different site with the same root domain will work without asking the user to login again via the Cross-Domain login feature.
Ok thank you!! Any recommendations on a solution?
Maybe send sister site registration info to airtable then connect airtable to memberstsack? The sister sites are only lead gen sites really once they register willl never go back to the sister site
Hey Chad,
I am not sure if I understand the solution correctly, if you mean getting the email from the lead gen sites and connecting it to Airtable and creating Memberstack accounts via automation for possibly opting for passwordless logins, the users still would have to login again on the main site via OTP (if you offer passwordless login).
You could probably take an approach where the users are registered on the lead gen site and send them an email with the passwordless login page link in the main site or directly lead them to that page after registering and maybe have the content on it as a verification page (but in the back-end it is a passwordless-login which will also mark your users as verified upon successful otp login). The users might only need to do this for the first time, as later on they can login via passwords later on in the main site, if your project requires that.
Please sign in to leave a comment.