cors issue with passport-azure-ad-oauth2

fpnv_71336

last month

Hello Payload Community!

I have a weird issue with CORS onto my payload server when trying to authenticate with Azure AD passport strategy.

- I added the azure-ad-oauth2 strategy in my admins collection. (image 1)

- I added the admins/login/callback route in my express routes (which I'm not even sure is necessary, although adding it solved some issues, so I kept it until further notice) (image 2)

- I added CORS config in my payload config (image 3)

- My redirect urls are properly whitelisted in the app registration in my AD (image 4)

With all this setup, I am still unable to authenticate my admins with Azure AD passport strategy, and I am getting this CORS error in my browser console : Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at

https://login.windows.net/xxxxxx.onmicrosoft.com/oauth2/authorize?session=false&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fadmins%2Flogin%2Fcallback%2F&client_id=xxxxxx

. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 302 (see image 5)

Am I missing something?

Thanks!

adding missing image 3

@maverick_cr what's up?

maverick_cr
last month
sorry i got confused uu
fpnv_71336
last month
OK I managed to use this plugin to configure authentication :
https://github.com/thgh/payload-plugin-oauth

Open the post

Continue the discussion in Discord

Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.