1

I am using OAuth2 code flow to authorize an Angular app, with ADFS as the authorization server, but when I'm trying to get the access_token using a POST request to the /token endpoint of the ADFS server, the request gets blocked by CORS. How can I fix that?

Bogdan B

4 Answers

4

There is no way to alter the ADFS headers on ADFS 4.0 (Server 2016) and below.

However, ADFS 5.0 (Server 2019) does allow this, including support for CORS.

rbrayb
2

I am using Windows Server 2019. I enabled CORS by:

Set-AdfsResponseHeaders -EnableCORS $true
Set-AdfsResponseHeaders -CORSTrustedOrigins https://example1.com,https://example2.com

Reference:

https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/customize-http-security-headers-ad-fs#cross-origin-resource-sharing-cors-headers

Vikas
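As an added example (not part of the answers on this page): a small JavaScript check that mirrors how a browser decides whether the Angular app may read the response from the ADFS token endpoint, which is useful for checking response headers captured after setting `CORSTrustedOrigins`. The function names, hostnames and header sets are constructed for illustration.

```javascript
// Added example: mirrors the browser's CORS decision for a cross-origin
// POST to the ADFS token endpoint. All hostnames/headers are constructed.

// HTTP header names are case-insensitive, so normalise them first.
function lowerKeys(headers) {
  return Object.fromEntries(
    Object.entries(headers).map(([k, v]) => [k.toLowerCase(), String(v).trim()])
  );
}

// Returns { allowed, reason } for a response received by `appOrigin`.
// `withCredentials` is true when cookies or HTTP auth accompany the request.
function evaluateCors(appOrigin, responseHeaders, withCredentials = false) {
  const h = lowerKeys(responseHeaders);
  const acao = h['access-control-allow-origin'];
  if (acao === undefined) {
    return { allowed: false, reason: 'no Access-Control-Allow-Origin header' };
  }
  if (acao === '*') {
    return withCredentials
      ? { allowed: false, reason: 'wildcard is rejected for credentialed requests' }
      : { allowed: true, reason: 'wildcard origin' };
  }
  // The browser compares the serialized origin exactly: scheme, host and port.
  if (acao !== appOrigin) {
    return { allowed: false, reason: `origin mismatch: server allows ${acao}` };
  }
  if (withCredentials && h['access-control-allow-credentials'] !== 'true') {
    return { allowed: false, reason: 'Access-Control-Allow-Credentials is not "true"' };
  }
  return { allowed: true, reason: 'origin matches' };
}

// Constructed samples: headers as they might be captured from the token endpoint.
const trusted = { 'Access-Control-Allow-Origin': 'https://example1.com' };
const samples = [
  ['https://example1.com', trusted],       // listed origin
  ['https://example1.com', {}],            // CORS not enabled on the server
  ['http://example1.com', trusted],        // scheme differs
  ['https://example1.com:4200', trusted],  // port differs
];
for (const [origin, headers] of samples) {
  const r = evaluateCors(origin, headers);
  console.log(`${origin} -> ${r.allowed ? 'readable' : 'blocked'} (${r.reason})`);
}
```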
0

Okay, I think there are at least 2 ways. First, install cors as an Angular dependency: npm install cors --save, then in your server (supposedly JavaScript):

var express = require('express')
  ,cors = require('cors')
  , app = express();

If not, maybe it is a problem with communicating locally/remotely between two ports, so maybe create a prox.config.js. This is usually there by default.

You may have this by default.

Change whatever you need there, for example for a Tomcat deployment:


Qiqke
0

I've managed to solve the problem by adding an http interceptor in my Angular app and adding the CORS header only for the requests to the ADFS's token endpoint, and on the ADFS side I've enabled CORS and updated the list of allowed origins.

Bogdan B
  • How did you enable CORS for ADFS? Unless you have ADFS 2019. – natdico Aug 18 '20 at 15:30
  • I'm using the latest version of ADFS. A workaround would be to create the challenge on the backend server and just return the token to the client, once the sign in is complete. – Bogdan B Sep 04 '20 at 09:09