OAuth-openId: Can't call the /openid/userinfo. Cors policy problem

VincentMontreal 1 Reputation point


I have a single page application that is register into the azure portal. I use a react library to make the code flow. I manage to get an access token with my code but after that I try to call (with my accessToken) this endpoint :
https://login.microsoftonline.com/{:TenantID}/openid/userinfo but I have this error:
Access to XMLHttpRequest at 'https://login.microsoftonline.com/{:TenandId}/openid/userinfo' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Do you know how I can access to this endpoint from http://localhost:3000 (for now and later from my production url) ?
Thanks for your help,


Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,725 questions
{count} votes

1 answer

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 55,531 Reputation points

    Hello @VincentMontreal-7976

    Add the crossorigin attribute to your < script > tags:

    < script crossorigin src="..." >< /script >

    Also ensure the response is with the Access-Control-Allow-Origin: *

    Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.

    0 comments No comments