/account/credentials/password succesful but returns CORS No Access-Control-Allow-Origin header present

nejcn001 · October 26, 2020, 1:09pm

Keycloak v11.0.0
Access type: confidential
We have custom login with JWT auth.

So we want to implement simple form where user can update his password on “current password” and “new password” form.

/account/credentials/password

Password updates but throws CORS error:
“Access to XMLHttpRequest at ‘https:///auth/realms//account/credentials/password’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”

Web Origins is set to: *
Tried changing to + and settings “Valid Redirect URIs” to http://localhost:4200.

No difference.

We call /protocol/openid-connect/token in a simmilar way to refresh the token, but we dont get the CORS error there.

Topic		Replies	Views
Access-Control-Allow-Origin header missing Securing applications	26	77561	March 8, 2022
CORS issues with Javascript client Securing applications authentication	6	1096	March 7, 2021
CORS settings don't work Securing applications	6	9389	November 9, 2020
Fix CORS problem - No Access Control Allow Origin header is present on the requested resource Configuring the server	7	31281	March 18, 2020
No 'Access-Control-Allow-Origin' header is present on the requested resource in Keycloak 21	3	810	February 12, 2024

/account/credentials/password succesful but returns CORS No Access-Control-Allow-Origin header present

Related Topics