After SAP Spartacus successfully logs in, does the request base site need access token

I did test in two Spartacus instances,one is setup locally, the other one is http://cx-qa.eastus.cloudapp.azure.com:4200/

    create a new storefront using Schematics with version 3.1.

OCC endpoint: https://20.51.210.49:9002/
Login with url http://localhost:4200/electronics-spa/en/USD/
Wait for 1 minute till the access token is expired.
Refresh the browser.
Login page is displayed. This is working as designed.

    login with http://cx.eastus.cloudapp.azure.com:4200/

Wait for 1 minute till the access token is expired.
Refresh the browser.
No login page is displayed. Instead, blank screen is displayed.
The cause of blank page is, the OCC API to retrieve CMS structure of login page fails with 400 response:


Because the url itself is wrong:
https://20.51.210.49:9002/occ/v2/cms/pages?pageType=ContentPage&pageLabelOrId=%2Flogin&lang=en&curr=USD
The base site is missing in url.
The correct url should be:
https://20.51.210.49:9002/occ/v2/electronics-spa/cms/pages?pageType=ContentPage&pageLabelOrId=%2Flogin&lang=en&curr=USD
Due to this error, pageStructure.page is undefined, and the code below leads to JavaScript error in console. The login page fails to display. Then blank screen.

But why http://localhost:4200/electronics-spa/en/USD/ can work as expected?
In Spartacus 3.1, there is no Authorization field appended to OCC API for base site request:

But in our QA instance, the access token is appended in API request headers, so 401 error occurs.

Due to this error, base site cannot be retrieved, so subsequent request for login page structure is failed as well. Finally no login page displayed.
Here is some specific debugging information.
http://cx.eastus.cloudapp.azure.com:4200/electronics-spa/en/USD/

This method is called by cms-page.connector.ts.

Read the context of the login page.

This request to read the page structure of the login page has succeeded.

Request parameters successfully read.


The context is now only PreHeader and SiteLogin.





On a properly working local Storefront, the basesite request returns success:


Read More: