This repository has been archived by the owner on Jun 26, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 374
CORS usage
Navya Canumalla edited this page May 5, 2018
·
2 revisions
To make CORS API calls, you need to specify the list of API endpoints in the endpoints config option.
Example Angular JS snippet:
// endpoint to resource mapping
var endpoints = {
"https://yourhost/api": "b6a68585-5287-45b2-ba82-383ba1f60932",
};
adalAuthenticationServiceProvider.init(
{
tenant: "52d4b072-9470-49fb-8721-bc3a1c9912a1", // Optional by default, it sends common
clientId: "e9a5a8b6-8af7-4719-9821-0deef255f68e", // Required
endpoints: endpoints // If you need to send CORS API requests.
},
$httpProvider // pass http provider to inject request interceptor to attach tokens
);ADAL's interceptor gets the access tokens using a hidden Iframe for the given CORS API endpoints. The Iframe accesses cookies for the same domain that you did the initial sign in.
Note: Since IE does not allow to access cookies in an IFrame for localhost, your URL needs to be a fully qualified domain i.e http://yoursite.azurewebsites.com. Chrome does not have this restriction.
The app code calling the API needs to be as shown below. Note that in your API project, you must enable CORS API support to receive pre-flight requests.
'use strict';
app.factory('contactService', ['$http', function ($http) {
var serviceFactory = {};
var _getItems = function () {
$http.defaults.useXDomain = true;
delete $http.defaults.headers.common['X-Requested-With'];
return $http.get('http://adaljscors.azurewebsites.net/api/contacts');
};
serviceFactory.getItems = _getItems;
return serviceFactory;
}]);You can check out this full sample for a CORS API example.