I have angular app.
When I set the access type to confidential I get CORS errors in the browser and no ‘Access-Control-Allow-Origin’ header is present.
When switching to public I get no CORS Problem and I can see the ‘Access-Control-Allow-Origin’ headers.
I see that it does not make much sense to set the access to confidation using a angular app where the secret can bee seen in the browser.
Still I am wondering if my observation are correct and that they make sense.
Thanks for any input