my system is angular client side and .net core backend. i'm trying to migrate the authentication process to azure AD to follow my corporate's SSO. after enabling Azure AD on client side using MSAL and on the backend following openID. from the client side i can login successfully and store the token in the local storage, even calling graph Api for some info retrieving and all of that is smooth. however I cant call my backend API from the angular cient as I always get
i spent a lot of time playing with the startup.cs cors policy and enabling any origin and any header with any method of specifying the certain domain but no luck so far i'm not able to bypass that error. i made sure of the order of app.usecors and app.usemvc. i checked and tried a lot of solutions but still no luck. is it issue from Azure AD? do i need to do something relating to cors on the angular client? please note the preflight part.