Access-Control-Allow-Origin

Hello to all,
I’m using angular 11 with Keycloak 12.0.4,I have a problem with the CORS policy for my public URLs, I’m stuck on it since two days, despite the fact that I found topics talking about the same problem and tried what was suggested on the answers, I could not solve the problem.

i tried this
https://stackoverflow.com/questions/45051923/keycloak-angular-no-access-control-allow-origin-header-is-present
and it didn’t work for me

here is the error message and the configuration of the client keycloak:

http://localhost:4200’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource

Someone has an idea of what I should do ?

THANK YOU IN ADVENCED

@jominga , @jangaraj , @elenajp, @kerstel @daryaorel @Najm_R @ibrabool @spagop @nejcn001 @Vrokn

i will be grateful if you can help me :pray:

@kevinarthur @Johannes @uugan , @opsnull , @littleboss @karolalexander @khteh @reinhapa @ola.sheryf @apellizzn

i will be grateful if you can help me :pray:

@mlleal @crozarakamilla @aludwig @R4nmaru @Ziefin @roastedcpu @AAverin @zonaut @chefban @kevcal69

i will be grateful if you can help me :pray:

@afvg @igorroman777 @blanchjj @Robinyo @cinhil @VincentSch4rf @abstractj

i will be grateful if you can help me :pray:

Funny, I faced this exact problem yesterday.

My solution was:

  1. Go to your realm
  2. Go to “Roles” and select “Default Roles”
  3. Go to “Client Roles” and select “account”
  4. Add “view-profile” to Client Default Roles

Hope this helps :slight_smile:

Check under Client scopes if you added “web-origins” to the Assigned Default Client Scopes

@jominga thank you for answering me,
it is already selected,
I always have the error.

@R4nmaru thank you for answering me,
it is already selected,
I always have the error.

you can try changing the Fine Grain OpenID Connect Configuration for Access and Id token to RS256 or try to toggle on full Scope allowed under “Scope”

At the beginning i tested my public ROOT with Postman and it’s OK, so i thaught that the problem is on the frontend part or Keycloak,
i tried lot of proposed solutions and nothing worked,

Finally the problem was on the backand,
as I’m using spring boot I added this header to my method response

        HttpHeaders headers = new HttpHeaders();
        headers.set("Access-Control-Allow-Origin", "*");

       return ResponseEntity.ok().headers(headers).body(Data);