Support for CORS on RH-SSO Authorization Endpoint

Solution Verified - Updated -

Issue

  • In the Token endpoint there is support for CORS, but we don't see any support for CORS in the Authorization Endpoint. Is this normal/expected ?
  • Our application is sending a request with a redirect to the RH-SSO server in a xhr request; but this request is blocked by Same Origin Policy;

    Cross-Origin Request Blocked: 
    The Same Origin Policy disallows reading the remote resource at 
    https://mykeycloakserver.com/auth/realms/myrealm/protocol/openid-connect/auth?client_id=myclientid&scope=openid+2fa%3Aopt&response_type=code&redirect_uri=https%3A%2F%2Fbackend.mydomain.com%2Foam%2Fserver%2Fauth_cred_submit&request_id=-846804452690168959&CREDENTIAL_CONTEXT_DATA=USER_ACTION_COMMAND%2CUSER_ACTION_COMMAND%2Cnull%2Chidden%3B 
    (Reason: CORS request did not succeed).
    

Environment

  • Red Hat Single Sign-On (RH-SSO)
    • 7
  • CORS (Cross-Origin Resource Sharing)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In