I have created an Azure function that uses CSOM and Graph api to get site owner details. The Azure function is then triggered from a SPFx webpart. I was earlier using admin creds directly in the code for CSOM calls and hardcoded client id and client secret for Graph api. I had also added my tenant url in the 'Allowed Origin' it was working perfectly until now. However due to company policy i had to use 3rd party certificate for csom connection and instead of directly adding Graph api details i used key vault to generate secret and then use it in code. Now the issue started coming. When i run the azure function directly by running the url in browser it now redirects me to Microsoft login page and when enter my creds it shows me the response. Now when i run the url from my spfx webpart it starts giving me cors error as shown in the attached screenshot.
My understanding is that the azure function is redirecting to Microsoft Login page and that page is causing this error.
I also tried adding https://login.windows.net and https://login.microsoftonline.com in "Allow Origin" of CORS setting of the Azure function. Any idea how can i resolve this issue
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 4%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPU%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 68%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
