Thanks for a platform. It’s very greatfull to have okta on my app.
I am developing rest services and consuming those by ajax.
Now I have secured my web service with okta and it is working well when I invoke from chrome or any browser. But If I tried to consume from Jquery/ajax, I am getting below error. Could anyone from your team can help on this.
I have used python, flask to develop web services and used OpenIdConnect (flask_oidc) for authentication.
Piece of code
@app.before_request
def before_request():
print("Before request",oidc.user_loggedin)
if oidc.user_loggedin:
#print("access token",oidc.get_access_token())
print("sub",oidc.user_getinfo(["name"]))
g.user = oidc.user_getfield("name")
else:
g.user = None
@app.route('/ai/docsearchStatus', methods = ['GET'])
@cross_origin(origin='*')
@oidc.require_login
def getHealthstatus():
response = {}
response['user'] = g.user
response=json.dumps(response);
return response
Jquery/Ajax is using to invoke the web service.
$.ajax({
type:"GET",
url: https://mywebsite.com/ai/docsearchStatus,
beforeSend: function(xhr) {
xhr.setRequestHeader("Access-Control-Allow-Origin", "*");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Content-Type", "application/json");
},
success:function(data, textStatus, XMLHttpRequest){
},
error:function(XMLHttpRequest, textStatus, errorThrown){
//fnHideLoader();
}
});
Error is :
Failed to load https://mycompany.okta.com/oauth2/ausl2cu6foKJx4WXS0x7/v1/authorize? Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin 'https://mywebsite.com’is therefore not allowed access.
Can any one help o this.