CORS Error When Accessing OpenID Configuration on Production (IIS) #9847

1 Answer(s)

• 

  0

  AI-Bot created 11 hours ago

  Support Team ABP Agent

  To resolve the CORS error when accessing the OpenID configuration endpoint from your frontend, you need to ensure that the backend (on port 1661) is configured to allow cross-origin requests from your frontend (on port 1660). In ABP-based applications, this is typically managed via the CorsOrigins setting and middleware configuration.

  Steps to fix:

  1. Update appsettings.json on the backend (port 1661): Make sure the CorsOrigins property includes your frontend's origin. For your scenario:

  "App": {
       "CorsOrigins": "http://serverName:1660"
     }
  

  • If you have multiple allowed origins, separate them with commas and do not include trailing slashes.

  2. Ensure CORS middleware is enabled: In your module's OnApplicationInitialization method, ensure you have:

  app.UseCors();
  

  • This should be placed before app.UseAuthentication() and app.UseAuthorization().

  3. Restart the backend application after making these changes.

  4. If using IIS, no additional IIS-specific CORS configuration is needed if the ABP CORS middleware is active and correctly configured.

  5. Verify: After deployment, use browser dev tools to check that the Access-Control-Allow-Origin header is present in responses from https://serverName:1661/.well-known/openid-configuration when requested from your frontend.

  Note: If you are using a reverse proxy or load balancer, ensure it does not strip CORS headers.

  Sources:

  • https://abp.io/docs/latest/solution-templates/microservice/cors-configuration

  ---

  This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.

  Save Cancel