[keycloak-user] Fwd: CORS's problem with JavaScript's library

Karol Buler K.Buler at adbglobal.com
Thu Jun 29 04:29:50 EDT 2017


We are using keycloak-auth-utils because our application isn't strict 
frontend. It is something like "middle-end" app. We can't use e.g. code 
flow authentication.

Secondly... yes, We applied "*" to "Web Origins".


On 28.06.2017 16:47, Sebastien Blanc wrote:
> (forgot including user list)
>
> Are you using keycloak-auth-utils on your frontend application ? Why not
> the JavaScript library ?
> Also have you configured the "Web Origins" field of your client in the
> Keycloak Web Console ?
>
> On Wed, Jun 28, 2017 at 3:09 PM, Karol Buler <K.Buler at adbglobal.com> wrote:
>
>> Hi Everyone,
>>
>> We have problem with CORS. We are using this lib:
>> https://www.npmjs.com/package/keycloak-auth-utils in our JavaScript
>> application.
>>
>> When we try to get AccessToken we are getting this message:
>>
>> Fetch API cannot load http://<keycloak_address>/auth
>> /realms/master/protocol/openid-connect/token. Request header field
>> x-client is not allowed by Access-Control-Allow-Headers in preflight
>> response.
>>
>> We tried to modify CORS headers in standalone.xml file of Keycloak's
>> server, but we found that CORS headers are hardcoded and added "in air".
>>
>> Best regards,
>> Karol Buler
>>
>> [https://www.adbglobal.com/wp-content/uploads/adb.png]
>> connecting lives
>> connecting worlds
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list