Getting CorsPolicyService warning after login using IdentityServer4

  • Thread starter Mohammad Taherian
  • Start date
M

Mohammad Taherian

Guest
I implemented an API in ASP .Net Core 2.2 and IdentityServer4. Everything is working fine and users get authenticated and authorized. But every time a user logged in website, I get this warning in my log CorsPolicyService did not allow origin: {origin}. My client is a JS client and my code looks like below

Client

var config = {
authority: "http://myidsrv.com/",
client_id: "myClient",
response_type: "password",
scope: "openid profile api roles idsrv",
token_url: "connect/token",
client_secret: "secret"
};


API

public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = "http://myidsrv.com/";
options.ApiName = "myApi";
options.RequireHttpsMetadata = false;
});
}
services.AddAuthorization();


and this is my setting in IdentityServer

{
"ClientId": "myClient",
"ClientName": "clientName",
"AllowedGrantTypes": [ "password", "client_credentials" ],
"AllowedScopes": [ "openid", "profile", "api", "roles", "idsrv" ],
"AllowAccessTokensViaBrowser": true,
"AlwaysIncludeUserClaimsInIdToken": true,
"AlwaysSendClientClaims": true,
"AllowOfflineAccess": true,
"RequireClientSecret": true,
"RequireConsent": false,
"ClientSecrets": [
{
"Value": "secret"
}
]
}


I don't know if anything else is needed to make the problem more clear. Thanks in advance for your help.

Continue reading...
 
Top