Hi,
having read a lot of the questions here and on the web around SSPI it seems there are a few common misconceptions that are easily solved.
In the end 3 lines of code solved things for me - could you please add this info to your sample code?
Browser code to use SSPI:
you need to add credentials:include to the fetch request:
fetch(https://yourserver/auth, { method: 'GET', credentials:'include'})
your server needs to return the proper CORS headers:
Access-Control-Allow-Origin must be returned and cannot be * but must match the origin header of the incoming request
Access-Control-Allow-Credentials must be 'true'
That's it - couldn't be easier. Took a few hours though...
Thanks!
Hi, having read a lot of the questions here and on the web around SSPI it seems there are a few common misconceptions that are easily solved.
In the end 3 lines of code solved things for me - could you please add this info to your sample code?
Browser code to use SSPI:
https://yourserver/auth, { method: 'GET', credentials:'include'})That's it - couldn't be easier. Took a few hours though... Thanks!