Requirement: We want .NET core API to accept requests from authorized UI application who are having access token. We are current trying to get the access token so that we can include in header and send to .NET core API, but we are facing an issue that while running the angular application locally we are unable to get access token from online.Microsoftonline.com instead the infamous CORS error.
What is wrong we may be doing?
we are aware of interceptors and CORS. But while requesting for token from Angular we were getting cors error from Microsoft website.
There are few of the workarounds,
Make sure that your API is not connected with another domain which can be reason for not able to get access from CORs policy ,so may be for that reason you will not be able to call the API.
For example to enable CORs attribite ;
[EnableCors(origins: "http://webapp.net ", headers: "*", methods: "*")]
public class TestController : ApiController
{
// Controller methods not shown...
}
}
For more information please refer this MS Q&A discussion which is suggested by @DeepDave-MT in comment.
And, this Blog|ANGULAR SPA WITH AN ASP.NET CORE API USING AZURE AD AUTH AND USER ACCESS TOKENS.
