Closed vddgil closed 4 months ago
Do you have any localhost redirectUris registered under any other type, such as Web? If a redirectUri is registered as multiple types the auth server will arbitrarily pick one and you will get CORS errors if it didn't use the SPA type.
Hello @tnorling , Thanks for your answer. No, I don't have my URLs in another type ... Here is a screenshot of the config page.
Hey @vddgil. Thanks for sharing the trace file and logs.
I have discovered that https://login.microsoftonline.com/common/oauth2/v2.0/token
POST request contains the unexpected content-type content-type: text/plain;charset=UTF-8
by looking at the network trace (line 168). MSAL.js always sets the content type to application/x-www-form-urlencoded;charset=utf-8
in BaseClient and expects this header to remain intact. Otherwise, the auth server throws 400 (bad request).
Is there a chance your app contains a network interceptor, or you are injecting a custom network client that drops/changes headers?
Hello @konstantin-msft, Thanks a lot for your investigation, it led me in the right direction. It was a network performance library messing up the headers :( I updated the library and everything is working fine now.
Core Library
MSAL.js (@azure/msal-browser)
Core Library Version
3.14.0
Wrapper Library
Not Applicable
Wrapper Library Version
0.0.0
Public or Confidential Client?
Public
Description
We have 3 Azure app registrations to handle Microsoft login (one for development, one for staging, and one for production) For 3-4 weeks, we have 100% cors issues in development, 100% in staging, and sometimes in production. We will discuss the development issue here, hopefully, it will fix the staging and prod at the same time).
So, we get the CORS error when calling acquireTokenPopup from https://login.microsoftonline.com/common/oauth2/v2.0/token endpoint. We configured a while ago the spa Redirect URIs in Azure portal (like I said it was working before).
I sent the HAR file.
Thanks a lot for your help !
Error Message
Access to fetch at 'https://login.microsoftonline.com/common/oauth2/v2.0/token' from origin 'https://localhost:3001' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
MSAL Logs
Navigated to https://localhost:3001/login microsoft.ts:31 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Verbose - BrowserCrypto: modern crypto interface available microsoft.ts:39 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - initialize called microsoft.ts:27 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Info - Emitting event: msal:initializeStart microsoft.ts:31 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Verbose - Claims-based caching is disabled. Clearing the previous cache with claims microsoft.ts:39 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - Executing function clearTokensAndKeysWithClaims microsoft.ts:39 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getTokenKeys called microsoft.ts:31 [Fri, 10 May 2024 08:21:19 GMT] : [] : @azure/msal-browser@3.14.0 : Verbose - BrowserCacheManager.getTokenKeys - No token keys found microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-browser@3.14.0 : Verbose - acquireTokenPopup called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getTemporaryCache: No cache item found in local storage microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Verbose - getAllAccounts called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getAccountKeys called microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Verbose - BrowserCacheManager.getAccountKeys - No account keys found microsoft.ts:27 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Info - Emitting event: msal:loginStart microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - canUseNative called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - isNativeAvailable called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - isNativeAvailable: allowNativeBroker is not enabled, returning false microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - canUseNative: isNativeAvailable returned false, returning false microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - asyncPopup set to false, opening popup before acquiring token microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Default popup window width used. Window width not configured or invalid. microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Default popup window height used. Window height not configured or invalid. microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Default popup window top position used. Window top not configured or invalid. microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Default popup window left position used. Window left not configured or invalid. microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - acquireTokenPopupAsync called microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - initializeServerTelemetryManager called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function standardInteractionClientInitializeAuthorizationRequest microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - getRedirectUri called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function initializeBaseRequest microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from initializeBaseRequest microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getActiveAccount: No active account filters cache schema found, looking for legacy schema microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getActiveAccount: No active account found microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getTemporaryCache: No cache item found in local storage microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getTemporaryCache: No cache item found in local storage microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from standardInteractionClientInitializeAuthorizationRequest microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function standardInteractionClientInitializeAuthorizationCodeRequest microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function generatePkceCodes microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function generateCodeVerifier microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function getRandomValues microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from getRandomValues microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from generateCodeVerifier microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function generateCodeChallengeFromVerifier microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function sha256Digest microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from sha256Digest microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from generateCodeChallengeFromVerifier microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from generatePkceCodes microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from standardInteractionClientInitializeAuthorizationCodeRequest microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function standardInteractionClientCreateAuthCodeClient microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function standardInteractionClientGetClientConfiguration microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function standardInteractionClientGetDiscoveredAuthority microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function authorityFactoryCreateDiscoveredInstance microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function authorityResolveEndpointsAsync microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function authorityUpdateCloudDiscoveryMetadata microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Attempting to get cloud discovery metadata from authority configuration microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values. microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Found cloud discovery metadata from hardcoded values. microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from authorityUpdateCloudDiscoveryMetadata microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function authorityUpdateEndpointMetadata microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Attempting to get endpoint metadata from authority configuration microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values. microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from authorityUpdateEndpointMetadata microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.setAuthorityMetadata called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from authorityResolveEndpointsAsync microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from authorityFactoryCreateDiscoveredInstance microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from standardInteractionClientGetDiscoveredAuthority microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from standardInteractionClientGetClientConfiguration microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from standardInteractionClientCreateAuthCodeClient microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - isNativeAvailable called microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - isNativeAvailable: allowNativeBroker is not enabled, returning false microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Executing function authClientCreateQueryString microsoft.ts:39 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Returning result from authClientCreateQueryString microsoft.ts:27 [Fri, 10 May 2024 08:21:36 GMT] : [] : @azure/msal-browser@3.14.0 : Info - Emitting event: msal:popupOpened microsoft.ts:31 [Fri, 10 May 2024 08:21:36 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - PopupHandler.monitorPopupForHash - polling started microsoft.ts:31 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Verbose - PopupHandler.monitorPopupForHash - popup window is on same origin as caller microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getTemporaryCache: Temporary cache item returned microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function deserializeResponse microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Returning result from deserializeResponse microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function handleCodeResponseFromServer microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - InteractionHandler.handleCodeResponseFromServer called microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Executing function authClientAcquireToken microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Executing function authClientExecuteTokenRequest microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Executing function authClientCreateTokenRequestBody microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getServerTelemetry: cache hit microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Returning result from authClientCreateTokenRequestBody microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Executing function authorizationCodeClientExecutePostToTokenEndpoint microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getThrottlingCache: called, no cache hit login:1 Access to fetch at 'https://login.microsoftonline.com/common/oauth2/v2.0/token' from origin 'https://localhost:3001' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. microsoft.ts:56
fetch @ request-tracker-fetch.js:28 (anonymous) @ bugsnag.js:2980 fetch @ bugsnag.js:2978 sendPostRequestAsync @ FetchClient.mjs:57 sendPostRequest @ NetworkManager.mjs:29 executePostToTokenEndpoint @ BaseClient.mjs:78 (anonymous) @ FunctionWrappers.mjs:77 executeTokenRequest @ AuthorizationCodeClient.mjs:138 await in executeTokenRequest (async) (anonymous) @ FunctionWrappers.mjs:77 acquireToken @ AuthorizationCodeClient.mjs:66 (anonymous) @ FunctionWrappers.mjs:77 handleCodeResponseFromServer @ InteractionHandler.mjs:75 (anonymous) @ FunctionWrappers.mjs:77 handleCodeResponse @ InteractionHandler.mjs:40 acquireTokenPopupAsync @ PopupClient.mjs:148 await in acquireTokenPopupAsync (async) acquireToken @ PopupClient.mjs:44 acquireTokenPopup @ StandardController.mjs:360 acquireTokenPopup @ PublicClientApplication.mjs:66 acquireTokenPopup @ microsoft.ts:56 loginWithMicrosoft @ AuthEngine.ts:306 executeAction @ mobx.esm.js:1221 loginWithMicrosoft @ mobx.esm.js:1209 LoginFormViewModel.loginWithMicrosoft @ LoginFormViewModel.ts:84 executeAction @ mobx.esm.js:1221 LoginFormViewModel@147.loginWithMicrosoft @ mobx.esm.js:1209 callCallback @ react-dom.development.js:3724 trace @ bugsnag.js:2616 invokeGuardedCallbackDev @ react-dom.development.js:3768 invokeGuardedCallback @ react-dom.development.js:3825 invokeGuardedCallbackAndCatchFirstError @ react-dom.development.js:3839 executeDispatch @ react-dom.development.js:7982 processDispatchQueueItemsInOrder @ react-dom.development.js:8008 processDispatchQueue @ react-dom.development.js:8019 dispatchEventsForPlugins @ react-dom.development.js:8028 (anonymous) @ react-dom.development.js:8188 batchedUpdates$1 @ react-dom.development.js:22577 batchedUpdates @ react-dom.development.js:3572 dispatchEventForPluginEventSystem @ react-dom.development.js:8187 dispatchEventWithEnableCapturePhaseSelectiveHydrationWithoutDiscreteEventReplay @ react-dom.development.js:5694 dispatchEvent @ react-dom.development.js:5688 dispatchDiscreteEvent @ react-dom.development.js:5665 trace @ bugsnag.js:2616 Show 39 more frames Show less microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Error occurred in authorizationCodeClientExecutePostToTokenEndpoint microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - {"errorCode":"post_request_failed","errorMessage":"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'","subError":"","name":"BrowserAuthError"} microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - Error occurred in authClientExecuteTokenRequest microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : @azure/msal-common@14.10.0 : Trace - {"errorCode":"post_request_failed","errorMessage":"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'","subError":"","name":"BrowserAuthError"} microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Error occurred in authClientAcquireToken microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - {"errorCode":"post_request_failed","errorMessage":"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'","subError":"","name":"BrowserAuthError"} microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - Error occurred in handleCodeResponseFromServer microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [018f6197-e993-704d-8928-2bb66d1881a7] : msal.js.browser@3.14.0 : Trace - {"errorCode":"post_request_failed","errorMessage":"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'","subError":"","name":"BrowserAuthError"} microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.getServerTelemetry: cache hit microsoft.ts:39 [Fri, 10 May 2024 08:21:38 GMT] : [] : @azure/msal-browser@3.14.0 : Trace - BrowserCacheManager.setServerTelemetry called microsoft.ts:27 [Fri, 10 May 2024 08:21:38 GMT] : [] : @azure/msal-browser@3.14.0 : Info - Emitting event: msal:loginFailure
Network Trace (Preferrably Fiddler)
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
We have the same issue on our staging env, I'll send you the info by email with the har file
Expected Behavior
It should not have CORS error and accept to get the token.
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
Chrome
Regression
No response
Source
External (Customer)