Login blocked when custom_data contain base64?

Hello guys,
I have been today developing a feature where the user could save in a document his avatar picture in base64, im aware of the 2mb limit, my images are really small 200x200 (50kb aprox) And it is $set in a document that is the one linked to user data, then it come on custom_data too.

The document look right in db too:

The problem that I realised is that after doing a request (my one is via graphql customResolver) the value is set ok, the UI works ok but if I logOut I cannot login again,
The issue is similar to this other issue but my case is not the same solution since I started working with realm-web 1 week ago and i have latest: customData - bad base64

I can see two request on the browser, first is:

Login (response payload)
access_token: “eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJiYWFzX2Rld”
device_id: “5fdc285ed0e95c18e86df550”
refresh_token: “eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJiYWFzX2RhdGEiOm51bGwsImJhYXNfZGV2aWNlX2lkIjoiNWZkYzI4NWVkMGU5NWMxOGU4NmRmNTUwIiwiYmFhc19kb21haW5faWQiOiI1ZmQ1MTgyYzI4NjQxZjNmNzg3YzUxNDQiLCJiYWFzX2lkIjoiNWZkYzI4YjU4Y2EwYTBlMzE0MmZkYzJiIiwiYmFhc19pZGVudGl0eSI6eyJpZCI6IjVmZGMyODVkZDBlOTVjMThlODZkZjRkNCIsInByb3ZpZGVyX3R5cGUiOiJsb2NhbC11c2VycGFzcyIsInByb3ZpZGVyX2lkIjoiNWZkNTFkNzAyODY0MWYzZjc4ODExM2Y2In0sImV4cCI6MTYxMzQ0Nzg2MSwiaWF0IjoxNjA4MjYzODYxLCJzdGl0Y2hfZGF0YSI6bnVsbCwic3RpdGNoX2RldklkIjoiNWZkYzI4NWVkMGU5NWMxOGU4NmRmNTUwIiwic3RpdGNoX2RvbWFpbklkIjoiNWZkNTE4MmMyODY0MWYzZjc4N2M1MTQ0Iiwic3RpdGNoX2lkIjoiNWZkYzI4YjU4Y2EwYTBlMzE0MmZkYzJiIiwic3RpdGNoX2lkZW50Ijp7ImlkIjoiNWZkYzI4NWRkMGU5NWMxOGU4NmRmNGQ0IiwicHJvdmlkZXJfdHlwZSI6ImxvY2FsLXVzZXJwYXNzIiwicHJvdmlkZXJfaWQiOiI1ZmQ1MWQ3MDI4NjQxZjNmNzg4MTEzZjYifSwic3ViIjoiNWZkYzI4NWVkMGU5NWMxOGU4NmRmNTBkIiwidHlwIjoicmVmcmVzaCJ9.9MpuF2TW9wU6TYMVf-888JnvOH8wiQTFR-96KsYiG4k”
user_id: “5fdc285ed0e95c18e86df50d”

The second show as “profile” and it fail with ERR CONNECTION CLOSED. the payload is huge and i have tried to decrypt the token and it show the base64 inside, i think the SDK is not supporting it or similar?

Pasted here because token is so long due base64 image.

FYI maybe this issue was not fully fixed? https://github.com/realm/realm-js/pull/3055

I have a few follow-up questions: Can you share an example of a base64 encoded image that I can use to reproduce this? Can you share a bit more about the failing GET /profile request, does the server respond with an error code or message?

To me it sounds like you’re hitting a (perhaps undocumented) limit on the custom user data documents. From your dev tools screenshot it looks like the authentication succeeded, but the server is unable to complete the fetch of the profile because the access token (which includes the image) is too large.

If at all possible, I would suggest that you upload the image somewhere else (perhaps S3 or Google’s storage) and reference it by a URL. If that’s not ideal for your use-case, perhaps store it in a different collection than the custom user data and find the document manually after a successful login to avoid it being included in the access token.


MongoDB Realm does offer a 3rd party service to Amazon S3 for this exact problem. It is documented here:


However, images are currently limited to a max of 4MB.

I have tried this service, and I can say that it definitely works.

Richard Krueger

1 Like

Hi guys, im sorry but i could not give more data about it since we leaving realm for our MVP and we not working with that codebase anymore. thanks anyway and hope it works for the future is somebody find same issue.