1

I have a Blazor app that is calling an Azure Function that is secured with B2C. If a call the function directly from a browser, I get redirected to the B2C login and once authenticated the Function returns a Json object as expected. Now if I make the call within the Blazor app, WITH 'Allow Anonymous Access' on the Function, it works. Now when I set the Functions access to "Login with Active Directory" I get following: enter image description here

I've add my localhost to the Function Cors:

enter image description here

No sure if I should be added anything when I initialize the connection within Blazor though? PS. The App authenticates to B2C fine.

Thanks, Mike

Mike
  • 1,059
  • 1
  • 8
  • 10
  • If my answer is helpful, please accept it as answer( click on the check mark beside the answer to toggle it from greyed out to filled in). Thank you. – Tony Ju May 30 '20 at 06:39

1 Answers1

0

This CORS error occurs because you are accessing https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com endpoint

from https://localhost endpoint.

And we can not resolve this error due to the restriction from Azure B2C server side. (Azure AD or Azure AD B2C don't support CORS)

The workaround is

You get the token from the server side, call the function in the server, then your app make a call to your server.

Reference:

No 'Access-Control-Allow-Origin' header with Microsoft Online Auth

Tony Ju
  • 14,891
  • 3
  • 17
  • 31