Trying to access endpoint from browser - bad request | identity server 4

Question

I have an endpoint. When I hit this endpoint with the correct credentials, it works and I get a 200 using postman. The endpoint is part of identity server - connect/token. The bad request is failing on the pre flight from the browser.

I'm seeing this error in the console.

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access. The response had HTTP status code 400.

Seems to be a CORS issue. I have a c# asp.net core project.

What is the URL shown of the page in your web browser? What is the URL of the AJAX endpoint being hit? — mjwills, Apr 17 '18 at 22:10
Ah sorry for not specifying. URL - localhost:8100 and the connect/token is the endpoint — userlkjsflkdsvm, Apr 18 '18 at 14:01

score 0 · Answer 1 · answered Apr 17 '18 at 21:37

0

Generally speaking, if you're getting that error then you want to figure out why you're doing a cross-reference request and fix it.

If you have a valid reason for wanting to allow cross-origin resource sharing (for instance if developing on a local react server), you can install a chrome plugin that exposes that setting to be easily toggle-able.

It's not a setting you want enabled in general--I strongly advise you for security reasons to turn it off when you're on any site other than a development environment where you have a specific reason for needing it.

answered Apr 17 '18 at 21:37

levininja

3,118
5
26
41

Getting this error now - Response for preflight has invalid HTTP status code 400. – userlkjsflkdsvm Apr 17 '18 at 21:49
@userlkjsflkdsvm I would check that your local server (probably IIS Express in VS) is running for the second website--the one that localhost://8100 is trying to hit. – levininja Apr 17 '18 at 21:58

Trying to access endpoint from browser - bad request | identity server 4

1 Answers1