Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Microsoft identity platform and OAuth 2.0 Resource Owner Password Credentials
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 93%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Atul Chaudhary
1
Reputation point
Hi,
I am using One Drive API Name is (Microsoft identity platform and OAuth 2.0 Resource Owner Password Credentials).
API:
https://login.microsoftonline.com/{tenant_ID}/oauth2/token
Everything is working but when I am trying to his this API after putting all data in header like this:
var settings = {
"url": "https://login.microsoftonline.com/{ID}/oauth2/token",
"method": "POST",
"headers": {
"Content-Type": "application/x-www-form-urlencoded",
"Access-Control-Allow-Origin": "*"
},
"data": {
"grant_type": "password",
"client_id": "{client_id}",
"client_secret": "client_secret",
"resource": "https://graph.microsoft.com",
"username": "username",
"password": "password"
}
};
$.ajax(settings).done(function (response) {
debugger;
alert("test1");
console.log(response);
});
I was using this API by AJAX. But it throws error like this:
Access to XMLHttpRequest at 'https://login.microsoftonline.com//oauth2/token?grant_type=&client_id=&client_secret=&resource=https%3A%2F%2Fgraph.microsoft.com&username=&password=' from origin 'http://localhost:39741' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I also tried by putting access-control-allow-origin in web.config file like this:
please help me to find out this issue
Microsoft Security | Microsoft Authenticator
Microsoft Security | Microsoft Graph
Microsoft Security | Microsoft Graph
An API that connects multiple Microsoft services, enabling data access and automation across platforms
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 57.00000000000001%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVK%3C/text%3E%3C/svg%3E)
Vicky Kumar (Mindtree Consulting PVT LTD) 1,161 Reputation points Microsoft Employee2022-10-06T07:54:54.93+00:00 As i can see , you are access XMLHttpRequest at 'https://login.microsoftonline.com//oauth2/token?grant_type=&client_id=&client_secret=&resource=https%3A%2F%2Fgraph.microsoft.com&username=&password , where endpoint is missing , could you please try with https://login.microsoftonline.com/<issuer>/oauth2/v2.0/token , https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols#endpoints
Sign in to comment
Sign in to answer