Data Browser - Viewing Site  Sector 23 Code Bank Logged in as:  Guest  




           


Angular access to xmlhttprequest blocked by cors policy
Overnight, the session expires on the Angular application I created, which is hosted in Azure behind Entra authentication.
If the user leaves their browser open and then clicks on a button to call the backend API, the http call fails with "access to xmlhttprequest blocked by cors policy" (trying to login.windows.net or microsoft login)

Solution:
In the Azure developer portal for the application, search for "CORS". Under "Allowed Origins" add the root path to your site and save your changes.

Now, calls to the API should successfully log in and return response.

That should be all you need. Otherwise you could try:
In the client application angular code, ensure your http call has the following header:
new HttpHeaders().set('Access-Control-Allow-Origin', '*')
but this seems unneeded.

Created By: amos 1/23/2024 9:47:14 AM
Updated: 1/23/2024 9:50:51 AM