[keycloak-user] Fwd: CORS's problem with JavaScript's library
Kevin Berendsen
kevin.berendsen at pharmapartners.nl
Thu Jun 29 07:24:20 EDT 2017
Hi,
This is a perfect response from your browser. X-client is a custom header and not allowed out of the box.
I think either you should strip that header from your request to Keycloak or modify Keycloak to allow that header or some sort (not recommend).
You could also modify your standalone configuration to add a response header but that's not really recommended either.
> -----Oorspronkelijk bericht-----
> Van: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-
> bounces at lists.jboss.org] Namens Karol Buler
> Verzonden: donderdag 29 juni 2017 10:30
> Aan: keycloak-user at lists.jboss.org
> Onderwerp: Re: [keycloak-user] Fwd: CORS's problem with JavaScript's
> library
>
> We are using keycloak-auth-utils because our application isn't strict frontend.
> It is something like "middle-end" app. We can't use e.g. code flow
> authentication.
>
> Secondly... yes, We applied "*" to "Web Origins".
>
>
> On 28.06.2017 16:47, Sebastien Blanc wrote:
> > (forgot including user list)
> >
> > Are you using keycloak-auth-utils on your frontend application ? Why
> > not the JavaScript library ?
> > Also have you configured the "Web Origins" field of your client in the
> > Keycloak Web Console ?
> >
> > On Wed, Jun 28, 2017 at 3:09 PM, Karol Buler <K.Buler at adbglobal.com>
> wrote:
> >
> >> Hi Everyone,
> >>
> >> We have problem with CORS. We are using this lib:
> >> https://www.npmjs.com/package/keycloak-auth-utils in our JavaScript
> >> application.
> >>
> >> When we try to get AccessToken we are getting this message:
> >>
> >> Fetch API cannot load http://<keycloak_address>/auth
> >> /realms/master/protocol/openid-connect/token. Request header field
> >> x-client is not allowed by Access-Control-Allow-Headers in preflight
> >> response.
> >>
> >> We tried to modify CORS headers in standalone.xml file of Keycloak's
> >> server, but we found that CORS headers are hardcoded and added "in
> air".
> >>
> >> Best regards,
> >> Karol Buler
> >>
> >> [https://www.adbglobal.com/wp-content/uploads/adb.png]
> >> connecting lives
> >> connecting worlds
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list