OAuth-openId: Can't call the /openid/userinfo. Cors policy problem

VincentMontreal 6 Reputation points
2020-06-09T15:01:38.397+00:00

Hello

I have a single page application that is register into the azure portal. I use a react library to make the code flow. I manage to get an access token with my code but after that I try to call (with my accessToken) this endpoint :
https://login.microsoftonline.com/{:TenantID}/openid/userinfo but I have this error:
Access to XMLHttpRequest at 'https://login.microsoftonline.com/{:TenandId}/openid/userinfo' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Do you know how I can access to this endpoint from http://localhost:3000 (for now and later from my production url) ?
Thanks for your help,

Regards,
Vincent

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,443 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AmanpreetSingh-MSFT 56,306 Reputation points
    2020-06-11T09:05:48.627+00:00

    Hello @VincentMontreal-7976

    Add the crossorigin attribute to your < script > tags:

    < script crossorigin src="..." >< /script >

    Also ensure the response is with the Access-Control-Allow-Origin: *

    Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.

    0 comments