How to use IdentityServerClientCorsOrigins? (ABP.IO)
Currently the cors origins are configured in the appsettings however I am not able to configure in way that it gets the origins from the SQL Server database.
I have commented out that withOrigins sections however I have it already configured in the database but it gets rejected
This is the error I get when I am calling from http://localhost:3000
Access to XMLHttpRequest at 'https://ids.local/connect/userinfo' from origin 'http://localhost:3000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Apply these on IdentityServer project:
- Add
AllowedCorsOriginsto the client's configuration onConfig.csor in DB (if using EF)
AllowedCorsOrigins =
{
"http://localhost:3000"
},
Be sure to use an origin (not a URL) when configuring CORS. For example: https://foo:123/ is a URL, whereas https://foo:123 is an origin.
Ref: http://docs.identityserver.io/en/dev/topics/cors.html#client-based-cors-configuration
- In case you have custom cors policy, add it on
startup.cs-ConfigureServices.
services.AddCors(options =>
{
options.AddPolicy("default", policy =>
{
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
});
});
- On
startup.cs-Configure, add cors after IdentityServer.
app.UseIdentityServer();
app.UseCors("default");
IDS4 already register a custom cors policy, if you have one too make sure to add it after IDS4 middleware
- ASP Identity Core GeneratePasswordResetTokenAsync expired
- IdentityServer4 in IIS being recycled due to app_offline.htm when using discovery endpoint sometimes
- Identityserver from duende behind caddy has http in the openid config
- How to send email id when calling identity server 4 to login
- IdentityServer token issuer claim missing port number in issued JWT token
- Identity Server 4 - Unable to authenticate user
- How to find out to use best flow in IdentityServer?
- Identityserver 4 in docker compose The remote certificate is invalid according to the validation procedure
- Deploying .net Core 3 linux container on azure web app container with IdentityServer4 certification/http error
- Login to multiple Apps with IdentityServer4
- duende identity server 6.2 session managment
- Any luck in using AddMicrosoftIdentityWebApp in combination with IdentityServer4?
- .net core 3.1 Google SSO Callback url not hit
- What are stored in PersistedGrant table for IdentityServer
- .NET 8 upgrade: OIDC correlation failure with IdentityServer4 on HTTP when using machine name instead of localhost
- Login with Microsoft External Account -Issue when the user cancels the consent prompt during authentication
- Error in configuring identity server. The cookie '.AspNetCore.Identity.Application' has set 'SameSite=None' and must also set 'Secure'
- In Identity Server 4, I have a User's identity but 0 Claims
- IdentityServer4 Error: No DbContext named 'ConfigurationDbContext' was found
- Is there a way to connect/disconnect external OpenId providers IdentityServer 4 "on the fly"
- Clarification on Identityserver 4 protecting API scopes with ApiResources
- Exchanging azure AD token with Identity server token
- IdentityServer4 and SSO
- Invalid_client using OpenIdConnect in client application
- "Key vault reference error" in azure web app configuration setting
- why offline_access scope is needed to request refresh token in IdentityServer (OAuth2)?
- Identity Server 4 ASP.NET Quickstart 'refused connection'
- Bearer token not set as expected
- Setting up JWT authentication using the Identity Server and get access token
- ApiResource vs ApiScope vs IdentityResource