Payload is joining Figma!Read the announcement
Simplify your stack and build anything. Or everything.
Schedule a Demo
USE CASES
Headless CMSEnterprise App BuilderHeadless E-CommerceDigital Asset Management
FEATURES
Multi-TenancyWhite LabelLocalizationAccess ControlAuth
CASE STUDIES

See what others are building with Payload.

Browse Case Studies
Build tomorrow’s web with a modern solution you truly own.
PAYLOAD IS FOR
DevelopersMarketing teamsEnterprise companiesAgencies & Consultancies
COMPARE PAYLOAD
Payload vs WordPressPayload vs ContentfulPayload vs SanityPayload vs StrapiPayload vs Directus
AGENCY TESTIMONIAL

"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."

Become a PartnerFind a Partner
Code-based nature means you can build on top of it to power anything.
Resources
DocumentationExamplesTemplatesGitHubReleasesBlogGuides & Tutorials
Community
RoadmapDiscordCommunity Help
Resources for Developers

Get the resources you need to start building today

Guides & TutorialsExplore Docs
It’s time to take back your content infrastructure.
Schedule a Demo
Enterprise Features
SSOAI Auto-EmbeddingPublishing WorkflowsVisual EditorStatic A/B testingAI features
Customer Stories
MicrosoftASICSBlue OriginHello BelloTekton
Featured Customer Story

Microsoft chose Payload to tell the world about AI.

Read the case studyBrowse all
LoginGet Started
Community Help

cors issue with passport-azure-ad-oauth2

default discord avatar
fpnv_71336last year
4

Hello Payload Community!


I have a weird issue with CORS onto my payload server when trying to authenticate with Azure AD passport strategy.



- I added the azure-ad-oauth2 strategy in my admins collection. (image 1)


- I added the admins/login/callback route in my express routes (which I'm not even sure is necessary, although adding it solved some issues, so I kept it until further notice) (image 2)


- I added CORS config in my payload config (image 3)


- My redirect urls are properly whitelisted in the app registration in my AD (image 4)



With all this setup, I am still unable to authenticate my admins with Azure AD passport strategy, and I am getting this CORS error in my browser console : Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at

https://login.windows.net/xxxxxx.onmicrosoft.com/oauth2/authorize?session=false&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fadmins%2Flogin%2Fcallback%2F&client_id=xxxxxx

. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 302 (see image 5)



Am I missing something?



Thanks!



adding missing image 3



@482337150659198988

what's up?

  • default discord avatar
    maverick_crlast year

    sorry i got confused uu

  • default discord avatar
    fpnv_71336last year

    OK I managed to use this plugin to configure authentication :

    https://github.com/thgh/payload-plugin-oauth
  • default discord avatar
    emmanu31last year

    hi, could you please share how you did it?

  • default discord avatar
    augdustlast year
    @1134508034287210506

    i am trying to get Azure AD authentication working, did you end up making it work in your app? would love some pointers :)

Open

Continue the discussion in Discord

Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.