angular Cors Response to preflight request

Tarek, Taher 90 Reputation points
2023-05-28T15:41:34.7+00:00

my system is angular client side and .net core backend. i'm trying to migrate the authentication process to azure AD to follow my corporate's SSO. after enabling Azure AD on client side using MSAL and on the backend following openID. from the client side i can login successfully and store the token in the local storage, even calling graph Api for some info retrieving and all of that is smooth. however I cant call my backend API from the angular cient as I always get

User's image

i spent a lot of time playing with the startup.cs cors policy and enabling any origin and any header with any method of specifying the certain domain but no luck so far i'm not able to bypass that error. i made sure of the order of app.usecors and app.usemvc. i checked and tried a lot of solutions but still no luck. is it issue from Azure AD? do i need to do something relating to cors on the angular client? please note the preflight part.

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,135 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,380 questions
0 comments
Accepted answer
  1. Bruce (SqlWork.com) 54,866 Reputation points
    2023-05-28T15:53:19.45+00:00

    Your backend api call is redirecting to the azure html login page. Html pages do not support CORS.

    you should change you backend end api to return a 401 on authentication errors.

    as you are using msal, I assume you are passing a bearer token to your backend api. Did you define api permissions and scope for it. Did your login include this scope?

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest