You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using the oidc-client library to authenticate users in a web browser (Chrome 77, in this case), and after successfully authenticating a user with ORCID it makes a cross-domain request to fetch the user's profile information.
Unfortunately an OPTIONS request to https://sandbox.orcid.org/oauth/userinfo fails: the request contains a Access-Control-Request-Headers: authorization header but the response has only access-control-allow-headers: X-Requested-With,Origin,Content-Type,Accept,x-csrf-token - authorization is missing from the allowed headers.
Would it be possible to add authorization to the list of allowed headers?
The text was updated successfully, but these errors were encountered:
hubgit
added a commit
to hubgit/ORCID-Source
that referenced
this issue
Dec 11, 2019
Requests to `/oauth/userinfo` are authenticated using a Bearer token in the `Authorization` header, so this needs to be added to the list of allowed headers in `Access-Control-Allow-Headers`.
fixesORCID#5675
I'm using the
oidc-client
library to authenticate users in a web browser (Chrome 77, in this case), and after successfully authenticating a user with ORCID it makes a cross-domain request to fetch the user's profile information.Unfortunately an OPTIONS request to https://sandbox.orcid.org/oauth/userinfo fails: the request contains a
Access-Control-Request-Headers: authorization
header but the response has onlyaccess-control-allow-headers: X-Requested-With,Origin,Content-Type,Accept,x-csrf-token
-authorization
is missing from the allowed headers.Would it be possible to add
authorization
to the list of allowed headers?The text was updated successfully, but these errors were encountered: