​

Vercel Environment Variable Fix - Frontend API Base URL (Selective Routing)

​

Problem

• Current (WRONG): Hierarchy endpoints hit payroll-pipeline-cbs-*.uc.a.run.app → returns 404
• Required (CORRECT): Hierarchy endpoints must hit payroll-backend-prod-238826317621.us-central1.run.app → returns 200

​

Root Cause

• /api/v1/admin/hierarchy/* and /api/v1/admin/agents/resolver → use NEXT_PUBLIC_HIERARCHY_API_URL (NEW)
• Other /api/v1/admin/* endpoints → use NEXT_PUBLIC_PIPELINE_API_URL (fallback to NEXT_PUBLIC_API_URL)
• All other endpoints → use NEXT_PUBLIC_API_URL

• Hierarchy endpoints exist ONLY on payroll-backend-prod (System of Record)
• Rate Plans should remain on payroll-pipeline-cbs (Config Plane) per documented architecture
• This preserves the two-service design while fixing hierarchy functionality

​

Fix Required in Vercel (Selective Routing)

​

Step 1: Add NEXT_PUBLIC_HIERARCHY_API_URL (NEW - Required)

1. Go to Vercel Dashboard → Project Settings → Environment Variables
2. Add NEXT_PUBLIC_HIERARCHY_API_URL:
   Copy

   Ask AI

   Value: https://payroll-backend-prod-238826317621.us-central1.run.app
   
3. Ensure it’s set for Production environment (and Preview/Development if needed)
4. This is REQUIRED - hierarchy endpoints will fail if not set

​

Step 2: Verify NEXT_PUBLIC_PIPELINE_API_URL (Keep as-is)

1. Check current value of NEXT_PUBLIC_PIPELINE_API_URL
2. DO NOT CHANGE - should remain pointing to payroll-pipeline-cbs (Config Plane)
3. This is used for Rate Plans and other admin endpoints

​

Step 3: Verify NEXT_PUBLIC_API_URL (Keep as-is)

1. Check if NEXT_PUBLIC_API_URL exists
2. Should point to payroll-backend-prod-238826317621.us-central1.run.app (System of Record)
3. Used for CEO metrics, commissions, leaderboard, and as fallback for admin endpoints

​

Step 4: Trigger Redeploy

1. Go to Vercel Dashboard → Deployments
2. Click “Redeploy” on the latest deployment, OR
3. Push a no-op commit to trigger auto-deploy:
   Copy

   Ask AI

   git commit --allow-empty -m "chore: trigger redeploy after env var fix"
   git push origin main
   

​

Validation

1. Navigate to: /admin/identity-overrides?tab=hierarchy
2. Click: “Export Agent IDs” or trigger any hierarchy endpoint
3. Check Network tab:
   • Request URL should be: https://payroll-backend-prod-238826317621.us-central1.run.app/api/v1/admin/agents/resolver
   • Status should be: 200 OK (not 404)
   • Headers should include: X-Org-Id: creative_benefit_strategies
4. Verify Rate Plans still work:
   • Navigate to Rate Plans tab
   • Check Network tab - Rate Plans calls should hit payroll-pipeline-cbs host
   • Verify Rate Plans functionality works correctly

​

Code Reference

• Function: getBaseUrlForPath(path: string)
• Lines: 25-97
• Routing Logic (selective):
  1. /api/v1/admin/hierarchy/* OR /api/v1/admin/agents/resolver → NEXT_PUBLIC_HIERARCHY_API_URL (required)
  2. Other /api/v1/admin/* → NEXT_PUBLIC_PIPELINE_API_URL (fallback: NEXT_PUBLIC_API_URL)
  3. All other endpoints → NEXT_PUBLIC_API_URL

​

Related Fixes

​

Selective Routing Implementation (Code Change)

• File: dashboard/src/lib/apiClient.ts
• Change: Added hierarchy-specific routing using NEXT_PUBLIC_HIERARCHY_API_URL
• Rationale:
  • Hierarchy endpoints exist ONLY on payroll-backend-prod (System of Record)
  • Rate Plans should remain on payroll-pipeline-cbs (Config Plane)
  • Preserves documented two-service architecture

​

Logout Behavior Fix (Code Change)

• File: dashboard/src/lib/apiClient.ts
• Change: Only 401 triggers logout. 403/404 do NOT trigger logout.
• Rationale:
  • 401 = Authentication failed (session expired) → logout required
  • 403 = Authorization failed (valid auth, insufficient permissions) → do NOT logout
  • 404 = Resource not found (valid auth, endpoint missing) → do NOT logout

​

Environment Variable Summary